SK Telecom, South Korea’s largest telecommunications provider, confirmed on April 22 that its internal systems were breached in a hacking attack, raising concerns over a possible data leak involving universal subscriber identity module (USIM) cards.
As public anxiety continues to grow, the company has rolled out a three-tier protection plan that includes an upgraded fraud detection system, its existing USIM protection service and free USIM card replacements upon request.
Since the free replacement program began Monday, approximately 705,000 users — just 2.8 percent of SK Telecom’s subscriber base — have replaced their USIM cards, with progress reportedly slowed by limited inventory.
Despite these protective measures, customer trust appears to be eroding. On Tuesday alone, 35,902 subscribers switched to rival carriers, following 34,132 the previous day. About 60 percent moved to KT Corp., with most of the rest opting for LG Uplus.
To help consumers better understand the situation, The Korea Herald answers key questions surrounding the recent USIM data leak.
Q. What is a USIM?
A universal subscriber identity module is a smart card that stores subscriber information to authenticate users on mobile networks. It contains data such as the subscriber’s phone number and international mobile subscriber identity (IMSI), but does not contain personal information like their name, resident registration number, or address.
Q. What USIM information was leaked in the recent security incident?
According to the Ministry of Science and ICT’s preliminary findings on Tuesday, subscriber phone numbers and IMSI data were leaked. However, international mobile equipment identity (IMEI) numbers, the 15-digit serial numbers that uniquely identify a mobile device, like a smartphone or tablet, were not compromised. The ministry said that users subscribed to SK Telecom’s USIM protection service are safeguarded from illegal USIM cloning and unauthorized use, commonly known as SIM swapping.
Q. What protective measures is SK Telecom taking for customers?
SK Telecom has implemented a three-layered protection system: an enhanced fraud detection system to block suspicious authentication attempts, a USIM protection service and free USIM card replacement upon request.
Q. What is the fraud detection system?
The FDS monitors real-time network activity and blocks abnormal authentication attempts. For instance, if a subscriber is located in Seoul but a login is attempted from Busan, the system identifies it as suspicious and denies access. SK Telecom has upgraded this system to its highest security level in response to the breach.
Q. What is the USIM protection service?
This service binds a USIM card to a specific mobile device, preventing it from being used if cloned and inserted into another device. Even if a USIM is illegally copied, it cannot function unless it is paired with the original device.
Q. Do customers using the USIM protection service still need to replace their USIM cards?
The USIM protection service offers equivalent security to USIM replacement. However, SK Telecom provides free USIM replacement for customers seeking additional protection. Users will need to reinstall any data stored on the USIM, such as digital certificates.
Q. What is the newly proposed “USIM formatting” method?
The so-called “USIM format” is a software-based method currently being developed by SK Telecom. It aims to provide the same security as replacing the physical USIM card but with less inconvenience. Instead of swapping hardware, the USIM’s internal software will be reconfigured. While users still need to visit a service center, the process is expected to be quicker and more user-friendly. The service is planned for rollout in May.
Q. Can financial assets be stolen using leaked USIM information?
No. Even if a USIM is cloned using the leaked data, it cannot connect to SK Telecom’s network without passing through security systems like the FDS. Furthermore, financial theft requires additional personal information, such as passwords or identity verification. No related financial crimes have been reported to date.
Q. If a USIM is cloned, are contacts, messages or apps also copied?
No. The leaked data only includes identification information stored on the USIM. Personal content such as contacts, messages and apps is not related to the incident.
Q. Does setting a USIM PIN help in this case?
A USIM PIN locks the USIM to prevent unauthorized use if physically stolen, but it is not directly related to the recent data leak.
Q. Can someone use services like calls or texts on a cloned phone without the owner knowing?
No. Only one line per phone number can access the network at any given time. SK Telecom’s FDS and USIM protection service are designed to prevent unauthorized access. Customers are strongly encouraged to enroll in the USIM protection service.
Q. Is the Pass app’s identity theft protection enough to replace the USIM protection service?
No. Personal smartphone authentication app Pass app prevents identity theft by blocking unauthorized phone account registrations using stolen personal data. It does not protect against USIM cloning. Therefore, the USIM protection service is still necessary.
yeeun@heraldcorp.com
