At around 11 p.m. on April 19, 2025, SK Telecom’s core communication server, the HSS (Home Subscriber Server), was infected with malware, resulting in a customer data leak. The leaked information included critical identification data such as the International Mobile Subscriber Identity (IMSI), device serial number (IMEI), and SIM authentication key, which carry a very high risk of being exploited in crimes such as SIM cloning and SIM swapping.
On April 21, SK Telecom officially announced the hacking incident and decided to immediately implement security enhancement measures, including free SIM card replacement for all customers. They particularly encouraged customers to subscribe to the SIM protection service, promising full compensation for any future damages caused by hacking for those who enroll.
Actual cases of damage from the incident are already emerging. In Busan, a customer was unknowingly signed up for a budget phone service and suffered a fraudulent withdrawal of about 50 million won. Some customers are experiencing direct financial losses due to the leak of SIM information.
Following the incident, the demand for SIM replacement at stores and dealerships nationwide surged explosively, causing a shortage of SIM card stock. Long lines have formed in front of dealerships, and some stores have run out of SIM cards, leading to serious customer inconvenience. Customer complaints are rapidly increasing, and a trust crisis towards SK Telecom is spreading quickly.
Movements for collective lawsuits among affected customers are also gaining momentum. The number of members in related online communities has surpassed 8,000, and social backlash is spreading nationwide through actions such as petitions to the National Assembly and boycotts of SK Group products.
In this situation, on the morning of April 28, 2025, SK Telecom CEO Yoo Young-sang urgently convened headquarters employees for a town hall meeting. CEO Yoo emphasized, “This incident is not merely a security breach, but a major crisis that threatens customer trust and the very existence of the company,” and strongly urged the company to mobilize for on-site dealership support.
Immediately after the town hall meeting, SK Telecom began offering free SIM card replacements for customers wishing to replace their SIM cards at all T World stores nationwide. They swiftly deployed additional personnel and operated a special logistics system to secure SIM stock. Along with the SIM replacement, they also promoted free subscription to the SIM protection service to prevent additional hacking damages.
This incident is not just a simple issue of personal information leakage but is acting as a serious risk that fundamentally shakes trust in the overall telecommunications infrastructure. SK Telecom has started a comprehensive security inspection of its core communication infrastructure and plans to invest heavily in strengthening its information protection system to the highest global standards.
However, the problem does not end there. Fundamental distrust in communication services could accelerate customer churn and lead to a collapse of trust across finance, public sectors, and the private sector. Particularly, the ripple effects could be significant in sectors like financial transactions and identity verification services, which rely on SIM and device authentication. As the trust in society’s digital infrastructure wavers, this incident holds the potential to escalate beyond a telecommunications industry risk into a national cybersecurity issue.
SK Telecom must recognize deeply that it is essential to not merely take short-term measures but to transparently disclose information, implement structural reforms to prevent recurrence, and act responsibly to restore trust across the telecommunications industry.
An SK Telecom official stated, “We deeply acknowledge the heavy responsibility for this incident and will make protecting customers our top priority.”
