SK Telecom scrambles to restore trust after massive data breach

South Korea’s leading mobile carrier SK Telecom is facing mounting fallout from a recent hacking incident, with more than 70,000 users switching to rival providers in just two days after the company began offering free USIM card replacements.

Amid growing concerns that the data breach could spill over into the financial sector, South Korean financial authorities on Wednesday launched an emergency response team and tightened security protocols.

According to industry sources, 35,902 SK Telecom users switched to other major carriers Tuesday, following 34,132 users who switched Monday. During the same period, SKT gained only 11,991 new users.

“If we include those who moved to budget mobile carriers, the actual scale of the exodus is likely even higher,” an industry official said.

Roughly 60 percent of users who left SKT migrated to KT, while most of the remaining subscribers switched to LG Uplus.

SK Telecom CEO Ryu Young-sang acknowledged the severity of the cyberattack Wednesday, calling it “the worst hacking incident in the history of the telecommunications industry,” during a parliamentary hearing held by the National Assembly’s Science, ICT, Broadcasting and Communications Committee.

When Rep. Park Jeong-hun of the People Power Party asked whether the severity of the incident was due to a breach of a system once considered virtually impenetrable, Ryu admitted it was. He added that it will take at least three months to completely replace USIM cards for the company’s roughly 25 million subscribers.

“I sincerely apologize once again for the recent cyber incident. Our initial response was lacking in many ways. We will do everything we can to restore trust and resolve the situation,” Ryu said.

He noted that SKT’s USIM Protection Service offers a comparable level of security and that both he and SK Group Chairman Chey Tae-won are using the service without replacing their USIM cards.

Regarding the possibility of additional data leaks beyond the three Home Subscriber Servers confirmed to have been breached, Ryu said further confirmation would depend on an ongoing joint investigation by government and private sector experts.

Earlier in the day, the Financial Services Commission and the Financial Supervisory Service held a joint meeting with key financial infrastructure institutions and industry associations to coordinate risk prevention measures in response to the SKT data leak.

According to the authorities, no signs of fraudulent activity had been detected so far. However, FSC Secretary-General Kwon Dae-young urged financial institutions to remain vigilant, warning that a spillover into financial systems could cause serious damage.

“We will operate a dedicated emergency response center and require financial institutions to report daily on any irregularities,” Kwon said. “Special attention must be given to vulnerable groups, such as the elderly, to ensure no one is left exposed.”

He also instructed key financial infrastructure providers to strengthen their cybersecurity protocols.

The cyberattack — confirmed to have resulted in the leak of about 9.7 gigabytes of data after an SK Telecom server was infected with malware on April 18 — is delivering a significant blow to the telecom giant.

While SKT still leads its competitors in subscriber numbers — with KT at 13.3 million and LG Uplus at 10.9 million — the company is expected to face major financial burdens, including regulatory fines and legal costs, as users prepare to file a class action lawsuit.

Four SKT subscribers have already filed a lawsuit with the Seoul Central District Court, each seeking 10 million won ($7,300) in damages over the data breach. An online community organizing separate lawsuits has amassed around 50,000 members.

Shinhan Securities estimated that the cost of USIM card replacement alone could reach up to 200 billion won, based on an average replacement cost of 4,000 won per card for the entire subscriber base of 25 million.