SK Telecom, South Korea’s largest mobile carrier, has launched emergency measures following a significant cyberattack that exposed sensitive customer USIM card data. The attack, detected on April 19, raised concerns over unauthorized access to SIM card information, potentially leading to SIM swapping and other cybersecurity risks.
While SK Telecom has not fully disclosed the extent of the data breach, reports suggest that the breach may have compromised the USIM information of all 23 million of its customers and possibly even users of mobile virtual network operators (MVNOs). However, only 6 million SIM cards are available for replacement through May, indicating that the company is taking steps to mitigate potential risks and address customer concerns regarding personal information security.
SK Telecom is offering free SIM card replacements to approximately 25 million mobile subscribers in response to the recent cyberattack that compromised customer USIM data. However, due to supply constraints, the company can initially replace only up to 6 million SIM cards by May 2025.
Customers who were subscribed to SK Telecom as of April 18, 2025, are eligible for the replacement. The company plans to secure an additional 5 million SIM cards by the end of May. The company will commence a SIM card formatting system by earlier next month to allow users to update their SIM card data without a physical replacement.
To avoid overcrowding at stores, SK Telecom is launching an online reservation system, effective from April 28, to allow customers to book their SIM replacements in advance. This system is designed to streamline the process and reduce wait times, which is particularly important given the high volume of customers potentially impacted by the breach.
Customers can access the reservation platform via the T World homepage or directly at care.world.co.kr, where they can select their preferred store after verifying their identity. Upon successful reservation, a confirmation message with store details will be sent.
The breach, detected on April 19, exposed sensitive technical SIM data such as IMSI, MSISDN, and authentication keys but did not involve customer names, financial details, or other personally identifiable information. Although the immediate risk of financial fraud and identity theft is limited, the primary concern is SIM swapping, where malicious actors may use the stolen data to impersonate customers and gain unauthorized access to their phone numbers. In addition to the SIM replacement program, SK Telecom has expanded its SIM protection service to include mobile virtual network operator (MVNO) users, offering an added layer of security against fraudulent SIM swaps.
The service, however, temporarily disables international roaming features, an issue the company is working to resolve. Customers who replaced their SIM cards at their own expense due to the breach will be reimbursed. SK Telecom has also committed to taking full responsibility for any losses incurred by affected customers, acknowledging the significant impact of the breach on its reputation.
The company’s transparency regarding the breach has been questioned, as it has yet to provide a clear picture of how much customer data was compromised. Despite this, customer response has been swift, with petitions filed demanding a full investigation and appropriate compensation.
SK Telecom is working closely with the Korea Internet Security Agency (KISA) and law enforcement to investigate the potential involvement of state-sponsored actors or organized cybercriminals in the attack. Although no additional damage has been reported, SK Telecom is actively monitoring the situation and coordinating with authorities to prevent any further risks.
