In April 2025, SK Telecom experienced a cyberattack that involved malware planted by hackers on its network, leading to the suspected leakage of SIM card–related data for its 24 million customers. Although the company promptly detected and removed the malicious code on April 19, no confirmed instances of data exploitation, fraud or dark-web sales have been reported to date. Nonetheless, the incident sparked widespread customer anxiety, fueled by delayed communication and service interruptions. Subscribers faced longer wait times at customer service centers, and travelers relying on mobile connectivity encountered frustrations and uncertainty. Media coverage and social media discussions amplified concerns over potential misuse of sensitive information such as SIM identifiers and authentication tokens. In response, SK Telecom isolated compromised equipment, blocked unauthorized SIM changes and abnormal authentication attempts, and promoted a free SIM card protection service to prevent unauthorized copying or use of SIM cards. Chairman Chey Tae-won publicly apologized, accepted full responsibility for the slow response and unclear communication, and announced sweeping internal reforms, including the formation of an Information Protection Innovation Committee and increased investments in cybersecurity across SK Group. The breach highlighted the critical importance of transparent crisis management and robust data security measures in maintaining customer trust.
Source: https://thecyberexpress.com/sk-telecom-chairman-breaks-silence-cyberattack/
"id": "sk-843050725",
"linkid": "sk-telecom-americas",
"type": "Breach",
"date": "5/2025",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"