Cell community operator SK Telecom, which serves roughly 34 million subscribers in South Korea, has confirmed that it suffered a cyber assault earlier this month that noticed malware infiltrate its inner techniques, and entry information associated to clients’ SIM playing cards.
The breach occurred at round 11pm native time, on the night time of Saturday 19 April 2025, in what’s believed to have been an assault deliberately timed to use a day and time when there could also be much less employees monitoring in place.
Responsibly, SK Telecom knowledgeable the Korean Web & Safety Company (KISA) the next day, and fulfilled its authorized obligation to inform the Private Data Safety Fee on Monday 21 April that there had been a possible information breach.
Though no buyer names, start dates, or monetary particulars have been leaked, the data figuring out SIM playing cards is taken into account extremely delicate – because it might allow a decided felony to hijack victims’ telephone numbers in a “SIM Swap” assault.
SK Telecom says that its engineers detected and deleted the malware risk on its community, and took the compromised community servers offline as quickly because it realised {that a} information breach could have occurred. Sadly, regardless of its greatest efforts – thousands and thousands of customers’ SIM particulars might have been put in danger, and should now be within the palms of cybercriminals.
Though SK Telecom has not confirmed the whole variety of customers whose SIM particulars have been uncovered, it has acknowledged that thousands and thousands of people could possibly be in danger.
The excellent news is that SK Telecom says it has seen no proof that the delicate information has been exploited by cybercriminals. The unhealthy information is that it would not essentially know if it had been exploited or not.
Since its breach, SK Telecom has confronted some criticism for the way in which it has communicated information of the cyber assault to its clients. Though it up to date its web site and cellular app with a safety advisory, some customers felt they need to even have proactively acquired an SMS alert informing them of the state of affairs.
Apologising for the breach and responding to complaints about its response to the incident, SK Telecom has apologised and begun to ship out SMS notifications to clients. As well as, the corporate has mentioned it’s strengthening its safety within the hope of stopping comparable incidents in future, and pledged to have a clear inquiry into what occurred.
Hacks like this are a wake-up name for telecoms corporations worldwide that they have to safe their techniques in opposition to the specter of cybercriminals and state-sponsored hackers.
And all companies can be sensible to study that hackers would possibly try to strike at anytime, day or night time, not simply throughout weekday enterprise hours.
If a hacker can exploit a window of alternative – akin to late within the night on a weekend – to sneak into your community undetected, they will not have any qualms about doing so.
Companies which might be dealing with essential or delicate information ought to guarantee their alerting techniques and incident response plans work via weekends and holidays simply as simply as every other day of the week.
