Excerpt from The Korea Times Article, Published on May 19, 2025.
In a severe blow to South Korea’s telecom sector, SKT (SK Telecom) has confirmed a massive cybersecurity breach that compromised the personal data of approximately 27 million users. The breach, which surpasses SK Telecom’s entire customer base of 25 million, has been deemed one of the worst in the nation’s telecommunications history. It has raised urgent questions about SKT’s data security practices and the broader risks faced by critical infrastructure.
According to the joint investigation team, malware was discovered on 23 out of 30,000 Linux-based servers operated by SKT. These infected servers stored over 9.8GB of data, including 26.95 million IMSI (International Mobile Subscriber Identity) records. More alarmingly, two of the servers contained 290,000 IMEI (International Mobile Equipment Identity) records—an element previously thought to be unaffected. The leaked information also includes names, dates of birth, phone numbers, and email addresses. While SK Telecom initially claimed that IMEI data was not compromised, updated forensic analysis confirmed the opposite, sparking concern over possible USIM card cloning. Although SK Telecom and government officials have stated that cloning devices with leaked data remains highly unlikely, the threat cannot be fully ruled out.
The malware involved—BPFDoor—has been linked to Red Menshen, a China-based cyber-espionage group. Experts suspect the motive behind the SK Telecom breach may be political rather than financial, especially given the absence of ransom demands. SKT’s critical role in South Korea’s communications infrastructure makes it a prime target for state-sponsored attacks. In response, SKT has fortified its fraud detection system and pledged to prevent cloned phones from accessing its network. Government authorities continue to press SK Telecom for compensation measures and demand greater accountability. This breach serves as a stark reminder of the escalating cyber threats facing essential service providers like SKT.
To delve deeper into this topic, please read the full article The Korea Times.
