SK Telecom, South Korea’s largest mobile operator, suffered a major cyberattack disclosed in April 2024, compromising the personal data of approximately half the nation’s population. The breach exposed call data records (CDRs), enabling potential reconstruction of sensitive communications, including those involving high-level government officials. The Personal Information Protection Commission (PIPC) fined the company 134.8 billion won ($97 million) for negligence in data protection, delayed breach reporting, and prolonged security lapses dating back to 2022. Investigations revealed systemic vulnerabilities, with regulators criticizing the company’s failure to address known weaknesses despite repeated opportunities.The attack raised national security concerns, as lawmakers warned that exposed call logs could endanger government communications and intelligence operations mirroring incidents like China-linked hackers (Salt Typhoon) breaching U.S. telecoms (e.g., AT&T) to monitor senior officials. Public outrage in South Korea initially focused on ransomware and financial risks, but the broader implications included potential espionage, intelligence leaks, and threats to critical infrastructure. The government responded by proposing a National Cybersecurity Act to unify emergency responses and improve threat intelligence sharing. SK Telecom acknowledged the failings and pledged to prioritize data protection, though regulators mandated reforms, including waiving penalties for customers leaving the network.
Source: https://www.claimsjournal.com/news/national/2025/08/29/332693.htm
TPRM report: https://www.rankiteo.com/company/sk-telecom
"id": "sk-633082925",
"linkid": "sk-telecom",
"type": "Cyber Attack",
"date": "6/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': "~half of South Korea's "
'population',
'industry': 'telecommunications',
'location': 'South Korea',
'name': 'SK Telecom Co.',
'size': 'large (largest mobile operator in South '
'Korea)',
'type': 'telecommunications operator'}],
'data_breach': {'data_exfiltration': ['likely (call logs and customer data '
'accessed)'],
'number_of_records_exposed': "~half of South Korea's "
'population (estimated tens of '
'millions)',
'personally_identifiable_information': ['likely (customer '
'data)'],
'sensitivity_of_data': ['high (includes call logs with '
'potential national security '
'implications)'],
'type_of_data_compromised': ['customer data',
'call data records']},
'date_publicly_disclosed': '2024-04',
'description': 'South Korea’s largest mobile operator, SK Telecom, was fined '
'134.8 billion won ($97 million) by the Personal Information '
'Protection Commission (PIPC) after a cyberattack disclosed in '
'April 2024 compromised the data of about half the nation’s '
'population. The breach exposed vulnerabilities dating back to '
'2022, with allegations of prolonged lapses in securing user '
'data. The incident raised concerns over national security '
'risks, including potential exposure of call logs involving '
'high-level government communications. The company was '
'criticized for failing to report breaches promptly and for '
'systemic weaknesses in data protection practices.',
'impact': {'brand_reputation_impact': ['severe damage due to national-scale '
'breach and regulatory criticism'],
'customer_complaints': ['high (public outrage)'],
'data_compromised': ['customer data',
'call data records (potential exposure of '
'call logs)'],
'financial_loss': {'fine': '134.8 billion won ($97 million)'},
'identity_theft_risk': ['high (personal data theft risks)'],
'legal_liabilities': ['fines imposed by PIPC',
'potential legal actions from affected '
'customers'],
'operational_impact': ['regulatory scrutiny',
'public outrage',
'customer churn risk']},
'initial_access_broker': {'high_value_targets': ['call data records '
'(potential exposure of '
'government '
'communications)']},
'investigation_status': 'completed (PIPC and Ministry of Science and ICT '
'investigations concluded)',
'lessons_learned': ['Prolonged systemic vulnerabilities can lead to '
'catastrophic breaches with national security '
'implications.',
'Timely reporting and proactive remediation of security '
'weaknesses are critical to mitigating risks.',
'Telecom operators must prioritize data protection as a '
'core business value to prevent regulatory and '
'reputational damage.'],
'post_incident_analysis': {'corrective_actions': ['Company commitment to '
'prioritize personal data '
'protection.',
'Regulatory-mandated '
'improvements in oversight '
'and security practices.',
'Potential adoption of '
'unified cybersecurity '
'frameworks (e.g., National '
'Cybersecurity Act).'],
'root_causes': ['Systemic weaknesses in data '
'protection dating back to 2022.',
'Failure to address identified '
'vulnerabilities in a timely '
'manner.',
'Inadequate oversight and '
'compliance with breach reporting '
'requirements.']},
'recommendations': ['Implement robust, continuous monitoring for data '
'protection gaps.',
'Enhance incident response protocols to ensure timely '
'breach reporting.',
'Adopt unified national cybersecurity frameworks (e.g., '
'proposed National Cybersecurity Act) to improve '
'emergency response and intelligence sharing.',
'Conduct regular third-party audits to identify and '
'address vulnerabilities proactively.'],
'references': [{'source': 'Bloomberg'},
{'source': 'Personal Information Protection Commission (PIPC) '
'of South Korea'},
{'source': 'Ministry of Science and ICT (South Korea)'},
{'source': 'Statement by Lawmaker Yu Yong Weon (National '
'Cybersecurity Act proposal)'}],
'regulatory_compliance': {'fines_imposed': '134.8 billion won ($97 million)',
'legal_actions': ['PIPC investigation',
'regulatory orders for improved '
'oversight'],
'regulations_violated': ['Personal Information '
'Protection Act (South '
'Korea)',
'timely breach reporting '
'requirements'],
'regulatory_notifications': ['PIPC public '
'disclosure',
'Ministry of Science '
'and ICT '
'recommendations']},
'response': {'communication_strategy': ['public statement expressing regret',
'acknowledgment of regulatory '
'findings'],
'remediation_measures': ['company pledged to make personal data '
'protection a core value',
'improved oversight ordered by PIPC']},
'stakeholder_advisories': ['PIPC ordered SK Telecom to improve oversight and '
'data protection practices.',
'Ministry of Science and ICT recommended waiving '
'penalties for customers leaving the network.'],
'title': "SK Telecom Data Breach Affecting Half of South Korea's Population",
'type': ['data breach', 'cyberattack'],
'vulnerability_exploited': ['systemic weaknesses in data protection',
'prolonged lapses in security oversight']}