A cyberattack on SK Telecom’s servers has exposed personal and USIM-related data belonging to the company’s entire subscriber base, according to interim findings released Monday by a joint government and private sector investigation team.
Investigators traced the breach to June 15, 2022. Malware had been installed on 23 servers operated by SK Telecom, which stored four categories of USIM-related information, including International Mobile Subscriber Identity (IMSI) numbers used to uniquely identify devices on mobile networks.
Authorities estimate that about 9.32 gigabytes of USIM-related data may have been compromised, potentially exposing roughly 26.9 million IMSI numbers. For context, SK Telecom currently serves around 25 million customers, including about 2 million users on budget mobile plans.
Two of the affected servers temporarily held personal information—names, birth dates, phone numbers and email addresses. Investigators are still determining the full extent of the personal data stored on those machines and whether any of it was accessed or exfiltrated.
Although firewall logs from December 3, 2024, to April 24, 2025, show no signs of outbound data transfers, missing logs from June 15, 2022, to December 2, 2024, prevent authorities from ruling out earlier leakage during that period.
SK Telecom discovered the intrusion on April 18 and promptly implemented several protective measures. The company is offering free USIM card replacements to all 25 million subscribers to mitigate the risk of identity theft and financial misuse of personal information. Additionally, SK Telecom has automatically enrolled all users in its USIM protection program, which the company says offers safeguards comparable to physically replacing a USIM card.
International response and US–Korea cooperation
Following the breach, South Korea’s Minister of Science and ICT, Yoo Sang-im, held meetings with senior U.S. officials to discuss coordinated responses to cybersecurity threats in the telecommunications sector. These talks addressed the need for stronger international cooperation to prevent and respond to telecom-related attacks.
During a May 14 meeting in Washington with Federal Communications Commission Commissioner Brendan Carr, officials emphasized closer international coordination, citing the SK Telecom incident and attacks attributed to the China-based Volt Typhoon group against U.S. telecom infrastructure as examples of growing risks.
Officials also exchanged updates on cybersecurity certification initiatives. Korea’s Internet of Things (IoT) security certification system and the FCC’s Cyber Trust Mark were discussed as areas where harmonized standards and mutual recognition could reduce duplication and streamline compliance for companies operating in both markets.
Yoo’s discussions touched on Washington’s designation of South Korea as a “sensitive country,” a classification that has raised concerns about potential restrictions on U.S. research and development funding for Korean projects.
On May 15, Yoo met with Lynne Parker, deputy director at the White House Office of Science and Technology Policy, stressing the importance of maintaining robust scientific and technological collaboration despite shifts in U.S. research funding priorities. U.S. officials confirmed continued enforcement of a research security memorandum established by the prior administration and outlined strategic investment areas including artificial intelligence, quantum technologies and biotechnology.
Further meetings with representatives from the National Science Foundation explored research partnerships and ways to secure joint scientific initiatives. Yoo also joined a virtual meeting with Kim Young-kee, director of Fermilab, to discuss possible collaboration on large-scale scientific infrastructure projects.
Steps toward AI infrastructure and industry support
To support Korea’s AI ambitions, Yoo visited NVIDIA’s U.S. headquarters and met with executives Jay Puri and Kalista Redmond. Korea’s National IT Industry Promotion Agency (NIPA), which is overseeing the National AI Computing Centre, signed an agreement with NVIDIA to secure a stable supply of high-performance GPUs needed for domestic AI development.
“The United States remains Korea’s most important overseas research partner, so we must closely monitor changes in U.S. policy and respond accordingly,” Yoo said, underscoring the need for continued bilateral cooperation in technology and research.
(Photo credit as provided in the original)
Related coverage: Reports have noted how advances in AI are increasing the sophistication of cyber threats, a trend that underscores the importance of cross-border cooperation on cybersecurity and standards.
Planning to update your digital transformation strategy? Events such as Digital Transformation Week and industry-focused conferences on IoT, AI, cybersecurity and cloud technologies offer forums for practitioners to learn about best practices and emerging standards.