A major data breach at South Korea’s largest mobile provider, SK Telecom, has put the personal information of 25 million customers at risk. The company discovered malware that allowed for mass SIM swapping, a technique used to hijack accounts.
The Breach and its Aftermath
SK Telecom initially stated that no misuse of the stolen data had been confirmed. However, reports surfaced of customers experiencing financial losses. One customer reported having $34,000 stolen from their bank account after their SK Telecom mobile plan was unexpectedly cancelled and re-registered under their name with a different provider.
This incident prompted a group of victims, the “SKT USIM Hacking Joint Response,” to form and demand a full investigation into the attack. They expressed concerns about potential future damage from the leaked information, which could impact financial accounts and social media profiles that rely on mobile phone authentication. They criticized SK Telecom’s response as inadequate.
SK Telecom’s Response and the SIM Card Rollout
In response to the breach, SK Telecom offered free SIM cards to all 25 million affected customers. However, the company’s initial supply is far short of the demand. They currently have only 1 million SIM cards available, with plans to secure 5 million more by the end of May. Customers are advised to pre-register online due to expected long wait times.