- SK Telecom has confirmed a malware attack that compromised sensitive USIM data for its 34 million customers.
- The company took immediate action to contain the breach and has notified authorities while an investigation is ongoing.
What happened: SK Telecom faces malware attack exposing USIM data of 34 million customers
SK Telecom, South Korea’s largest mobile carrier, has confirmed a significant malware attack that compromised sensitive USIM data belonging to its customers. The breach was detected on April 19, 2025, during a weekend when staffing levels were lower, allowing the malware to infiltrate the system.
Following its discovery, SK Telecom acted swiftly to delete the malware and isolate the affected equipment. The company has approximately 34 million subscribers, making the potential impact considerable. Although there is currently no evidence of misuse of the exposed information, the breach has raised alarms about the vulnerability of customer data.
Authorities, including the Korea Internet & Security Agency, have been notified, and an investigation is ongoing to determine the attack’s root cause and scope.
Also Read: SK Telecom revamps for the AI era
Also Read: SK Telecom launches AI-powered customer service tool
Why it’s important
The malware incident at SK Telecom underscores the escalating threats facing telecommunications companies and their customers in the digital age. With the telecom sector increasingly targeted by cybercriminals, the breach raises concerns about the security of sensitive customer data, including USIM information that can be exploited for SIM-swap fraud and tracking.
As mobile networks become more integral to daily life, the consequences of such breaches can extend beyond individual customers to affect overall trust in the industry.
Moreover, this incident reflects a broader trend of rising cyber threats targeting large corporations across various sectors. Recent reports indicate a surge in ransomware attacks and data breaches, often resulting in significant financial and reputational damage.
Companies must prioritise cyber resilience, adopting robust security measures and protocols to safeguard customer information. The incident at SK Telecom serves as a critical reminder for all organisations about the importance of vigilance against cyber threats, highlighting the need for improved security infrastructure to protect against potential attacks in the future.
