Customers queue outside an SK Telecom office in Seoul at noon on April 29 to swap out their SIM cards. [YONHAP]
[NEWS ANALYSIS]
Following a mass exodus of subscribers and a significant decrease in market capitalization totaling 923.6 billion won ($643.2 million), South Korea’s leading wireless provider, SK Telecom (SKT), is suffering major repercussions due to a security lapse concerning their SIM cards.
The security incident, initially identified by the telecommunications company on April 18, has turned into a widespread effort across the country to replace SIM cards in order to protect against threats like phone cloning and monetary scams resulting from exposed information.
According to JoongAng Ilbo, an affiliate of the Korea JoongAng Daily, approximately 34,132 subscribers changed their mobile plans to competing providers KT and LG U+ on Tuesday. If we include departures from lower-cost service options using the SKT network—data points excluded from this report—the total number could potentially rise.
SKT’s stock price has been declining this week due to an increase in customer complaints regarding SIM card shortages and rising worries among both private companies and government bodies about possible data breaches. The share value plummeted by 6.75% on Monday and then fell another 0.93%, closing at 53,400 won on Tuesday.
In the meantime, competing companies KT and LG U+ reached their highest points over the past year on the Kospi market, finishing at 51,600 won and 11,960 won per share, respectively.
Nationwide fiasco
A collective lawsuit is picking up steam among SKT customers, as users plan to pursue legal measures and refrain from using the service. Since its inception on Sunday, over 49,000 individuals have enrolled in a Naver Cafe group backing this initiative.
A screenshot from a Naver Café group formed on April 27, which brings together SK Telecom customers planning to take legal action due to a data breach and intending to boycott their telecommunications services [screenshot].
According to Yonhap News Agency, government departments and public organizations were among the initial entities instructed by the national intelligence agency to replace SIM cards in their work-related wireless equipment. This includes smartphones, tablets, as well as 4G and 5G mobile hotspots.
On April 25, the National Police Agency entered into a strategic alliance with SKT to accelerate the process of replacing SIM cards for company-owned smartphones as soon as supplies become available. Every enterprise device has been enrolled in security services provided by the leading telecommunications companies to stop additional data breaches.
Large corporations like Hyundai Motor are making efforts to obtain SIM cards for top-tier executives and have set up internal support services available starting Monday. Samsung Electronics has instructed its executives to immediately swap out their SK Telecom SIM cards. Similarly, instructions to replace SIM cards were issued to staff members across key firms of national importance including HD Hyundai, Hanwha, Naver, and Kakao.
The effects of SKT’s data breach are reverberating across the nation since the mobile provider held around 44 percent of the domestic mobile market share in February 2025, with approximately 24.97 million subscribers.
Experts anticipate that SKT’s stock prices may rebound if the crisis can be limited to the singular financial strain of issuing new SIM cards.
Until worries about significant drops in subscriptions ease up, investor confidence isn’t expected to bounce back,” stated Shinhan Securities’ analyst Kim Aram. “The share price performance of telecom companies generally depends on their profitability, exposure to regulation, and dividend policies. Assuming the financial repercussions fall between 100 to 200 billion won—accounting for an estimated loss of around 25 million subscribers along with possible fines in the same range—it seems probable that SK Telecom’s present approach to rewarding shareholders will remain unchanged.
Lax security management?
A contributing element to the hacking incident stems from SKT’s comparatively modest expenditure on data security relative to its rivals, which has garnered significant scrutiny as worries about data safety intensify.
As reported by the Korea Internet & Security Agency (KISA), SKT allocated 60 billion won towards data security in 2024, which represents only 4.1% of their yearly operating income. By contrast, KT spent 121.75 billion won, and LG U+ dedicated 63.17 billion won to this sector.
Why did this happen?
A collaborative effort between public and private sectors spearheaded by the Ministry of Science and ICT aims to uncover the reasons behind the incident, with expectations that this probe will last around one or two months. According to a document delivered by SKT to Representative Choi Min-hee, chairing the National Assembly’s committee for science, technology, information, broadcasting, and communications on Tuesday, approximately 9.7 gigabytes of data were compromised due to the cyberattack.
Choi demonstrated the magnitude by pointing out that this quantity equates to roughly 9,000 books, or around 2.7 million pages of documentation. The report states that SKT initially identified irregular network activity suggestive of data extraction at their security operations center at 11:20 PM on April 18.
By 1:40 a.m. on April 19, the firm had contained the billing analysis machinery affected by malicious software and initiated an investigation into how the system was breached and the scope of the data leak.
That evening, around 11:40 p.m., SKT detected indications of a possible data breach originating from its Home Subscriber Server (HSS). This server is responsible for authenticating 4G and 5G users during voice communications.
BY LEE JAE-LIM [[email protected]]
