SKT Is 'No Leakage' and Customers Are Unrested

The government has found 13 additional malicious codes, including 12 BPF Door and one web shell, in connection with the hacking of SK Telecom (CEO Yoo Young-sang). It also did not rule out the possibility of leakage of the unique identification number (IMEI). SK Telecom stressed that there was no leakage, but SK Telecom customers are still nervous.

Choi Woo-hyuk, a policy officer at the Information Protection Network, said on Wednesday, "Based on 9.82GB of USIM information and the subscriber identification key (IMSI), 26,957,749 cases have been leaked. So far, 23 servers have been infected, and 25 types of malicious codes have been found." He added that he checked two servers that temporarily stored personal information such as the unique identification number (IMEI) of the device and is investigating whether they were infected or not.

The Ministry of Science and ICT said that for the two servers that store IMEI and others, there was no data leakage during the period when log records remained (December 3, 2024 to April 24, 2025). However, it has not been confirmed whether the data was leaked from the time when the malicious code was first installed (June 15, 2022 to December 2, 2024) during which no log records were left. The Ministry of Science and ICT estimated that the malicious code was first planted on June 15, 2022.

In a related development, SK Telecom admitted that it was infected with malicious code but insisted that there was no leakage of personal information. "Technically, it is safe," Ryu Jung-hwan, vice president of the Infrastructure Strategy and Technology Center, said in a daily briefing on Monday afternoon. "If it is leaked, we will take full responsibility." He added, "We have quarantined the affected servers and there is no leakage due to this."

He also apologized for failing to recognize that malicious code had been planted for about three years. "It is difficult to catch infringement," Vice President Ryu said. "We can say that there was no such part (leakage) in the past as there was no such part (leakage) as there is a specific pattern of leakage." He continued, "We will strengthen security measures such as installing vaccines in the future."

Experts point out that the risk of personal information leakage remains. "The Ministry of Science and ICT's expression is ambiguous, but in fact, it should be seen as leaving open the possibility of IMEI leakage," said a security-related professor who asked not to be named. "It is rare to conduct a full investigation of servers, but the situation is getting worse as additional malicious codes continue to be found."

Customers are also worried. Members of SK Telecom's class action cafe, which participated in the class action suit, commented negatively, "A 26.95 million cases of leakage were all hacked," "What the hell did you do that hacking started three years ago?" and "It was leaked from 2022 and somehow spam exploded."

Politicians are also criticizing SK Telecom. "We can't help but point out SK Telecom's overall poor security management," said representatives of the Minjoo Party and the Cho Kuk Innovation Party, a member of the National Assembly's Science, Technology, Information, Broadcasting and Communications Committee. "The fact that SK Telecom was left without security inspection for nearly three years from the time of the initial installation of the malicious code (June 15, 2022) to the discovery of the accident shows SK Telecom's poor security management."

They also said, "The failure to encrypt IMEI and personal information (name, date of birth, phone number, and e-mail) just because encryption is not mandatory shows SK Telecom's complacent attitude in dealing with personal information."

The lawmakers continued, "SK Telecom is only trying to get out of it by saying, 'There is no customer damage,' and urged SK Telecom to cooperate with clear accountability and come up with sufficient compensation measures for affected users and distribution networks."

fun3503@chosunbiz.com