Do Son 
South Korean telecommunications giant SK Telecom has reported a cyberattack that resulted in unauthorized access to sensitive subscriber data associated with USIM cards. The incident occurred overnight between April 19 and April 20, 2025, a period during which most organizations were operating in a limited capacity—an apparent tactical advantage exploited by the attackers.
The company, which serves over 34 million customers and commands nearly half of South Korea’s mobile market, detected traces of malicious code within its systems at approximately 11:00 PM local time. In a statement, SK Telecom confirmed that upon identifying the potential breach, the malware was promptly eradicated, and the compromised infrastructure was immediately isolated.
At present, company officials report no verified instances of misuse involving the stolen data. Nevertheless, the incident has been swiftly escalated to the Korea Internet & Security Agency (KISA) and the Personal Information Protection Commission for further investigation.
The nature and extent of the breach remain under assessment. However, it has been confirmed that data stored on USIM cards is at risk. These microchips contain unique subscriber identifiers, phone numbers, authentication keys, and, in some cases, messages and contact lists. Such data poses a serious threat, as it can be leveraged for surveillance, geolocation tracking, and SIM swapping attacks.
In response, SK Telecom has implemented heightened safeguards to prevent unauthorized SIM-related activities. All suspicious actions involving authentication and number portability are now subject to automatic blocking and may result in service suspension.
Subscribers are urged to activate the company’s dedicated USIM Protection Service, which prevents number transfers to another SIM card without explicit user consent. The service can be enabled via SK Telecom’s official online portal.
To date, no hacker group has claimed responsibility for the attack. The investigation is ongoing, and SK Telecom has pledged to keep its customers informed as new information emerges.
