Main Menu
,

SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data

SK Telecom is replacing SIM cards for 25 million users after a malware breach exposed USIM data. Supply limits restrict replacements to 6 million by May.
Facebook Twitter Youtube Linkedin
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
Table of Contents
    Add a header to begin generating the table of contents

    SIM Swapping Risk Prompts Urgent Customer Action

    SK Telecom is providing free SIM card replacements to all 25 million of its mobile customers following a recent cyberattack that compromised USIM data. However, the company warns that only 6 million SIM cards will be available for replacement through May 2025 due to supply limitations.

    SK Telecom is South Korea’s largest mobile network provider, covering approximately half of the country’s mobile user base.

    Malware Attack Exposed Sensitive SIM Data

    The breach was identified on April 19, when SK Telecom detected malware operating on its network. This malware enabled threat actors to extract key information stored on users’ SIM cards.

    The compromised data includes:

    • International Mobile Subscriber Identity (IMSI)
    • Mobile Station ISDN Number (MSISDN)
    • Authentication keys
    • Network usage information
    • SMS and contact data stored on SIMs

    No personally identifiable information (PII), such as names or financial data, was exposed.

    The primary concern is the potential for SIM swapping, a technique where attackers clone a SIM card to hijack a user’s phone number and intercept communications.

    Enhanced Protections and Free SIM Replacement Initiative

    SK Telecom has stated that its Fraud Detection System (FDS) and SIM Protection Service have been upgraded to detect and block unauthorized SIM changes.

    “Currently, SK Telecom holds 1 million SIM cards and plans to secure 5 million more by the end of May 2025,” the company stated in an April 28 update.

    Free SIM replacements are being offered to all subscribers registered as of April 18, 2025 (Japan time), including 2 million users with affiliated budget carriers.

    Due to limited stock, customers are asked to use the company’s online reservation system at care.tworld.co.kr to schedule their SIM swap in advance.

    Roaming Disabled for SIM Protection Users

    The company has clarified that subscribers with SIM Protection activated will have international roaming temporarily disabled as a precaution. An upgrade is in progress to allow the feature to work while abroad.

    Ongoing Investigation and Customer Communication

    SK Telecom is still investigating the scope and root cause of the attack. At this stage, no dark web leaks or secondary damages have been confirmed.

    An official FAQ has been published to assist customers, and all affected users will receive personalized security instructions via direct message.

    Trending
    Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
    Vulnerability Alert – 30th April, 2025
    Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
    MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
    CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
    M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
    The Silent Majority: Why 51% of Internet Traffic Is Now Bots
    From 1,382 to 4 Million: What VeriSource Didn’t Know (or Say)
    Actively Exploited: Commvault Web Shells, Active! mail RCE, and Brocade Code Injection Now in KEV
    Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability

    Daily Briefing Newsletter

    Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

    Related Posts

    LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time

    AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices

    $10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform

    Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack

    Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack

    Vulnerability Alert - 30th April, 2025

    Vulnerability Alert – 30th April, 2025

    Fighting AI with AI Using Artificial Intelligence to Strengthen Enterprise Cybersecurity

    Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity