Particle.news
Download on the App Store
6 ARTICLES
·
6h ago

South Korea Fines SK Telecom 134.8 Billion Won Over Massive SIM Data Breach

The carrier must place personal-information oversight under its chief privacy executive.

A logo of SK Telecom is seen at the SK Telecom headquarters, in Seoul, South Korea, July 4, 2025. REUTERS/Kim Soo-hyeon/ File Photo
A person walks by an SK Telecom store in Seoul on Aug. 27, 2025. (Yonhap)
Image
Ko Hak-soo (C), chairman of the Personal Information Protection Commission, speaks during a briefing on the regulator's fine against SK Telecom Co. over a major data leak at the government complex in Seoul on Aug. 28, 2025. (Yonhap)

Overview

  • The Personal Information Protection Commission issued its largest penalty to date, plus a 9.6 million won administrative surcharge, after finding pervasive security failures.
  • Investigators said 25 categories of data for about 23.2 million LTE and 5G subscribers were exposed, with total users affected exceeding 26 million before exclusions for corporations and multiple-account holders.
  • Findings cited absent access controls to internal servers, unpatched operating systems dating back to 2016, ignored intrusion-detection alerts, plaintext dumps of thousands of server credentials, and 26.1 million unencrypted SIM authentication keys.
  • The probe determined attackers infiltrated SK Telecom’s network in August 2021 and June 2022 and exfiltrated about 9.82 GB of subscriber data on April 18, 2025.
  • SK Telecom expressed regret, said it will review the written decision and possible legal steps, and noted ongoing remediation including free USIM replacements and a compensation and cybersecurity program of roughly 1 trillion won.