Particle.news
Download on the App Store
6 ARTICLES
·
4d ago

SK Telecom Cyberattack Confirmed to Have Leaked Personal and SIM Data

Investigators reveal extensive breaches dating back to 2022, with millions of IMSI and IMEI entries and personal data potentially exposed.

This file photo taken on April 22, 2025, shows the company's headquarters in Seoul. (Yonhap)
Image
This illustration highlights universal subscriber identity module (USIM) chips. (Yonhap)
Image

Overview

  • A joint investigation confirmed that 23 SK Telecom servers were compromised, leaking 9.32 GB of IMSI data and 9.82 GB of IMEI data, potentially affecting up to 26.9 million users.
  • Two of the breached servers temporarily stored personal data, including names, birthdates, phone numbers, and email addresses, raising further privacy concerns.
  • The breach, caused by malware planted in June 2022, went undetected until April 2025, with log gaps from 2022–2024 hindering full confirmation of data leaks during that time.
  • SK Telecom is offering free USIM replacements and enrolling all 25 million subscribers in a protection service to mitigate risks of identity theft and financial fraud.
  • Forensic inspections are ongoing, with 15 of 23 infected servers analyzed and the remaining eight expected to be reviewed by the end of May 2025.