An SK Telecom employee assists customers seeking to replace their USIM cards at a retail branch in Seoul on Monday, following a security incident involving potential exposure of SIM-linked subscriber data. (Moon Joon-hyun/The Korea Herald)
An SK Telecom employee assists customers seeking to replace their USIM cards at a retail branch in Seoul on Monday, following a security incident involving potential exposure of SIM-linked subscriber data. (Moon Joon-hyun/The Korea Herald)

South Korea’s top intelligence agency has ordered all government ministries and public agencies to replace SK Telecom USIM cards used in official devices, following a cyberattack that compromised the core systems the company uses to verify mobile users on its network.

The National Intelligence Service confirmed to The Korea Herald that it issued the directive on Tuesday, requiring USIM replacements in all SKT-connected work phones, tablets, and even mobile routers that support essential services like traffic control and remote monitoring.

Until replacements are completed, agencies must activate SK Telecom’s optional “USIM Protection Service” to prevent potential misuse.

The move follows the discovery of unauthorized access to SKT’s subscriber authentication system, a key part of its telecom infrastructure. While it’s still unclear what exact data was accessed or extracted, the system holds encrypted credentials that authenticate users across the mobile network. If exploited, this information could allow attackers to impersonate users or clone SIM cards — raising concerns about fraud and identity theft.

“Some SIM information may have been exposed during the attack,” the Ministry of Health and Welfare reportedly wrote in an internal notice this week. “That creates a risk of phone cloning and related scams. Employees using SK Telecom should replace their USIM cards or activate USIM protection.”

Other ministries, including the Ministry of the Interior and Safety and the Ministry of Education, are also taking action. The Interior Ministry has asked departments to even stop using SKT personal phones for work and is reviewing which official devices are still on SKT networks. An Interior Ministry official acknowledged they haven’t yet figured out exactly how many of their approximately 5,500 employees are SKT customers.

Meanwhile, South Korean tech giants like Samsung, Naver, and Kakao have already begun replacing employee USIMs. With over 23 million subscribers, SK Telecom is now facing public backlash, customer defections and signs of an emerging class-action lawsuit.

A spokesperson for the NIS described the USIM replacement directive as “a preemptive measure to limit further risk before the full impact of the intrusion is understood.”


mjh@heraldcorp.com