Breach cyber

SK Telecom

May 7, 2025 2 min read
SK Telecom

In April 2025, SK Telecom experienced a cyberattack that involved malware planted by hackers on its network, leading to the suspected leakage of SIM card–related data for its 24 million customers. Although the company promptly detected and removed the malicious code on April 19, no confirmed instances of data exploitation, fraud or dark-web sales have been reported to date. Nonetheless, the incident sparked widespread customer anxiety, fueled by delayed communication and service interruptions. Subscribers faced longer wait times at customer service centers, and travelers relying on mobile connectivity encountered frustrations and uncertainty. Media coverage and social media discussions amplified concerns over potential misuse of sensitive information such as SIM identifiers and authentication tokens. In response, SK Telecom isolated compromised equipment, blocked unauthorized SIM changes and abnormal authentication attempts, and promoted a free SIM card protection service to prevent unauthorized copying or use of SIM cards. Chairman Chey Tae-won publicly apologized, accepted full responsibility for the slow response and unclear communication, and announced sweeping internal reforms, including the formation of an Information Protection Innovation Committee and increased investments in cybersecurity across SK Group. The breach highlighted the critical importance of transparent crisis management and robust data security measures in maintaining customer trust.

Source: https://thecyberexpress.com/sk-telecom-chairman-breaks-silence-cyberattack/

TPRM report: https://scoringcyber.rankiteo.com/company/sk-telecom-americas

"id": "sk-843050725",
"linkid": "sk-telecom-americas",
"type": "Breach",
"date": "5/2025",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': '24 million',
                        'industry': 'Telecommunications',
                        'location': 'South Korea',
                        'name': 'SK Telecom',
                        'type': 'Telecommunications Company'}],
 'attack_vector': 'Malware',
 'data_breach': {'number_of_records_exposed': '24 million',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['SIM card–related data',
                                              'SIM identifiers',
                                              'authentication tokens']},
 'date_detected': '2025-04-19',
 'description': 'SK Telecom experienced a cyberattack involving malware that '
                'potentially leaked SIM card–related data for its 24 million '
                'customers. The malware was detected and removed on April 19, '
                '2025. No confirmed instances of data exploitation or fraud '
                'have been reported, but the incident caused widespread '
                'customer anxiety due to delayed communication and service '
                'interruptions. SK Telecom responded by isolating compromised '
                'equipment, blocking unauthorized SIM changes, and promoting a '
                'free SIM card protection service. The company announced '
                'internal reforms and increased investments in cybersecurity.',
 'impact': {'brand_reputation_impact': ['Widespread customer anxiety',
                                        'Amplified concerns over potential '
                                        'misuse of sensitive information'],
            'customer_complaints': ['Frustrations and uncertainty for '
                                    'travelers relying on mobile connectivity'],
            'data_compromised': ['SIM card–related data',
                                 'SIM identifiers',
                                 'authentication tokens'],
            'operational_impact': ['Service interruptions',
                                   'Longer wait times at customer service '
                                   'centers']},
 'lessons_learned': ['Transparent crisis management',
                     'Robust data security measures',
                     'Importance of clear and timely communication'],
 'post_incident_analysis': {'corrective_actions': ['Isolating compromised '
                                                   'equipment',
                                                   'Blocking unauthorized SIM '
                                                   'changes',
                                                   'Promoting a free SIM card '
                                                   'protection service']},
 'recommendations': ['Increased investments in cybersecurity',
                     'Formation of an Information Protection Innovation '
                     'Committee'],
 'response': {'communication_strategy': ["Chairman Chey Tae-won's public "
                                         'apology and acceptance of '
                                         'responsibility'],
              'containment_measures': ['Isolating compromised equipment',
                                       'Blocking unauthorized SIM changes',
                                       'Blocking abnormal authentication '
                                       'attempts'],
              'remediation_measures': ['Promoting a free SIM card protection '
                                       'service']},
 'threat_actor': 'Hackers',
 'title': 'SK Telecom Cyberattack',
 'type': 'Malware Attack'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.