South Korean Telecommunications Data Breach Compromises 26.9 Million USIM Records

According to SK Telecom, over 9.32 gigabytes of USIM data have been compromised after a malware attack that remained unnoticed for almost three years.

It’s reported that the attack lasted from June 15 2022 to April 22 2025, and targeted over 20 South Korean Telecom servers, affecting around 25 million customers. The telecommunications company has addressed the issue by employing cyber-response measures that include removing malware and compartmentalizing online infrastructure.

• Amount of compromised data: Approximately 9.32GB, which translates to 26.9 million records.
• Types of compromised data: Names, date of birth, phone numbers, email addresses, and IMSI numbers, which are unique identifiers used to verify the authenticity of mobile subscribers on cellular networks.
• Type of attack: 25 types of malware and 21 new types of malicious code.
• Devices affected: Smartphones, smartwatches, and other IoT devices.

This sophisticated cyberattack is especially dangerous because bad actors can exploit IMSI numbers to gain unauthorized network access and launch SIM-swapping attacks. After the attack, the chair of the U.S. Federal Communications Commission and the Korean Minister of Science and ICT discussed the future of international cybersecurity cooperation, highlighting the need for more security collaboration between the two nations.

Cyberattacks targeting mobile devices have risen over the last few years, so protecting all devices, not only laptops or desktops, is critical. We recommend that all users follow a few tips to reduce the chances of a data breach and pay special attention to mobile devices that might go unnoticed.