Unraveling the SK Telecom Data Breach: A Comprehensive Timeline of South Korea’s Telecom Giant’s Security Incident
In April 2025, South Korea’s leading telecommunications provider, SK Telecom (SKT), experienced a significant cyberattack that compromised the personal data of approximately 23 million customers—nearly half of the nation’s population. This incident has raised serious concerns about data security and customer trust within the telecom industry.
Impact of the Data Breach on SK Telecom
At a recent National Assembly hearing in Seoul, SKT’s CEO, Young-sang Ryu, revealed that around 250,000 customers have already switched to other telecom providers due to the breach. He anticipates this number could soar to 2.5 million if the company eliminates cancellation fees.
Financial Ramifications for SK Telecom
Ryu mentioned that if SKT chooses not to impose cancellation fees, the company could face losses of up to $5 billion (approximately ₩7 trillion) over the next three years. This potential financial impact underscores the seriousness of the situation.
“SK Telecom considers this incident the most severe security breach in the company’s history and is committed to minimizing damage to our customers,” a company spokesperson stated in an email to TechCrunch. Furthermore, an investigation is currently underway to determine the extent of the breach and the responsible parties.
Details of the Cyberattack
The Personal Information Protection Committee (PIPC) of South Korea disclosed that 25 different types of personal information, including mobile phone numbers and unique identifiers, were stolen from SKT’s central database. This data breach poses an increased risk for customers, particularly concerning SIM swapping attacks and potential government surveillance.
Immediate Response and Measures Taken
Following the breach, SKT has initiated several protective measures, including:
- Offering SIM card protection and free replacements to affected customers.
- Isolating the compromised device immediately upon detecting the breach.
- Developing a new system to protect user information through enhanced SIM protection services.
As of now, SKT has reported no verified instances of customer information being misused or distributed on the dark web.
A Timeline of Events Related to the Data Breach
- April 18, 2025: Detection of abnormal activities, including unusual logs on monitoring equipment.
- April 19, 2025: Confirmation of a data breach in the home subscriber server.
- April 20, 2025: Incident reported to Korea’s cybersecurity agency.
- April 22, 2025: Public announcement of a potential data breach involving user USIM data.
- April 28, 2025: Initiation of free SIM card replacements for affected users.
- April 30, 2025: South Korean police commenced an investigation.
- May 1, 2025: Reports suggest potential involvement of China-backed hackers.
- May 6, 2025: Discovery of additional malware strains linked to the breach.
- May 7, 2025: Public apology from SK Group chairman, Tae-won Chey.
- May 8, 2025: Ongoing assessment of cancellation fees for affected users.
For those interested in learning more about data protection and cybersecurity, visit the Personal Information Protection Commission of South Korea for guidelines and updates.
This incident serves as a stark reminder of the vulnerabilities present in digital infrastructures and the importance of robust cybersecurity measures in protecting personal information.
