Customers lined in front of the SK Telecom agency

As reliance on smartphone-based services and digital authentication systems increases, the recent hacking of SK Telecom SIM cards has caused great social shock and concern. The hacking incident involving SK Telecom was first detected on April 18, 2025, when the company confirmed that some SIM card information had been leaked due to a malicious code. Soon after on April 20, SK Telecom reported the breach to the Korea Internet & Security Agency (KISA) and announced it on ‘T World,’ the app for the SK Telecom users. However, the notice was only displayed as a pop-up on the app, and no text message alert was sent. As a result, many users remained unaware of the breach, leading to considerable confusion and inconvenience. SK Telecom explained that the reason why text was not sent was because the affected customers had not yet been identified.

Meanwhile, SK Telecom is facing a large-scale loss of subscribers after the incident. As a result, an unprecedented number of subscribers have switched providers, and SKT’s stock prices have plummeted amid growing concerns over fines and replacement costs.

SK Telecom stated that it will handle penalty waivers for those affected by the hacking in accordance with individual customer contracts. The National Assembly Research Service also stated that there are various limitations in the current law, and it is unlikely that penalties for number portability can be exempted. Instead of exemptions, SK Telecom is seeking to address public anger by promising to strengthen security and provide compensation in case of damages. SK Telecom stated in a briefing, “We will do our best in every way to restore trust and make every effort to resolve this situation.”

The Ministry of Science and ICT announced on April 29 that the first results showed that the SK Telecom hacking incident did not result in the leakage of IMEI numbers, after a week-long investigation by the public-private joint investigation team.

Meanwhile, the Ministry of Science and ICT announced in its second investigation that the investigation team had identified and taken action against 25 types of malware, including 24 variants of BPFDoor and one web shell.

The investigation team also stated that they will transparently disclose any findings that may pose a risk to the public and will formulate response measures at the government level.

Nevertheless, public anxiety over the incident remains high. It seems that the cause is distrust in the current situation where compensation for the hacking incident is not being properly provided and consumers who have to apply for SIM cards replacements are not properly compensated.

In the case of Mobile Friends, a service popular among exchange students, a representative stated that they connect users to SKT’s network only upon request and hope to receive timely alerts in the event of future issues.

To respond to the leak, SKT announced that it has strengthened its Fraud Detection System (FDS) to the highest level. The system automatically detects and blocks cloned SIM cards the moment they attempt to connect to the network. SKT began offering free SIM card replacements to all customers who were using its services as of midnight on April 18, 2025. The company also encouraged users to sign up for its SIM Protection Service, which binds a SIM card to a specific device, preventing unauthorized use on other terminals. According to SK Telecom, as of 9AM on May 6, the service had 24.11 million subscribers, 96% of its total 25 million users. This includes 2 million from mobile virtual network operators using the SKT network.

While such hacking threats are not new, adapting to rapidly evolving technologies requires proactive and consistent risk management. Rather than reacting after incidents occur, continuous monitoring, early detection, and proactive communication are essential to prevent future breaches.

Reporter

Hyeonseon Namgung

namgung0121@seoultech.ac.kr

Reporter 남궁현선

• 직책 :
• e-mail : namgung0121@seoultech.ac.kr