South Korean telecom giant SK Telecom (SKT) is facing a potential loss of KRW 7 trillion ($5 billion USD) over the next three years due to waived early termination fees and lost revenue, following a massive data breach that exposed USIM (Universal Subscriber Identity Module) authentication data. The breach has already driven 250,000 customers to switch carriers, with projections suggesting up to 2.5 million may follow. CEO Ryu Young-sang testified before the National Assembly, noting that if cancellations reach 5 million subscribers monthly, the financial impact could be catastrophic.

The data breach, affecting 25 million SKT and MVNO users, has been called “the worst hacking incident in telecom history.” In response, SKT has suspended new customer registrations while replacing compromised SIM cards and automatically enrolling users in USIM protection services. The breach led to an apology from SK Group Chairman Chey Tae-won, who pledged to enhance cybersecurity measures across the conglomerate.

Meanwhile, South Korea's Personal Information Protection Commission (PIPC) is expected to impose a record fine on SKT, surpassing the KRW 6.8 billion ($4.86 million) penalty issued to LG Uplus in 2023. With legal reforms allowing harsher sanctions, and the breach affecting a far greater number of users, SKT could face fines capped at 3% of total revenue — a significant increase from previous regulations.

This crisis underscores the critical need for robust cybersecurity measures, continuous network monitoring, and real-time threat detection. With cyberattacks on telecom infrastructure becoming more sophisticated, proactive security investments, advanced logging systems, and AI-driven risk mitigation are now essential for telecom providers to maintain customer trust and regulatory compliance. Read more about this story on our LinkedIn page