SK Telecom Fined, Told to Boost Data Security After Breach

In April 2025, SK Telecom, South Korea’s largest mobile carrier, suffered a cyberattack that resulted in the leak of 26.96 million pieces of user data, marking one of the most severe breaches in the nation’s telecommunications history.

The incident exposed critical vulnerabilities in the telecom sector’s digital infrastructure and triggered widespread concern among both consumers and industry stakeholders.

Fines and mandated security overhaul

South Korean authorities responded swiftly, ordering SK Telecom to strengthen its data security protocols and imposing a fine of up to US$23,000.

The Ministry of Science and ICT stated: “SK Telecom failed to fulfil its duty of care to protect USIM data and did not comply with relevant regulations. Therefore, it is deemed negligent in this incident.”

Science Minister Yoo Sang-im described the breach as “a wake-up call for information protection” across the entire network infrastructure, not just within telecommunications.

Investment and customer remediation

Following regulatory findings, SK Telecom announced a comprehensive response plan. It committed to investing US$560 over five years to enhance data protection measures and bolster its security workforce.

Additionally, SK Telecom offered a 50% discount on August subscription fees for all 24 million customers and began providing free USIM card replacements at more than 2,600 retail locations nationwide.

As of late June, approximately 9.39 million users had already replaced their USIMs.

SK Telecom CEO Ryu Young-sang addressed the public, stating: “All SK Telecom executives and employees take the results of the public-private joint investigation very seriously and once again sincerely apologise to customers and society for the cyber breach incident.”

It further pledged to take full responsibility for any harm caused, with SK Group Chairman Chey Tae-won issuing a formal apology the previous month.

Revenue revisions and market fallout

The financial repercussions for SK Telecom have been substantial. It revised its 2025 revenue forecast downward by 800 billion won to account for the estimated 500 billion won cost of the customer benefit package related to the breach. Analysts estimate that the cost of USIM card replacements alone could reach US$153.8m.

Furthermore, SK Telecom faces the prospect of up to US$5.6bn in potential losses over the next three years due to declining revenue and waived early termination fees, as customer trust has been severely shaken.

Since the incident, SK Telecom has experienced a significant customer exodus, with 250,000 subscribers leaving immediately and the potential for churn to reach 2.5 million, according to CEO Ryu.

The breach has prompted class-action lawsuits, with damages sought for each affected individual.

A cautionary tale for telecom operators

The SK Telecom breach has sent shockwaves throughout the telecommunications industry, prompting regulators and operators alike to reassess the effectiveness of traditional security strategies. The incident highlighted the risks posed by third-party vulnerabilities—specifically, weaknesses in widely used VPN equipment—which served as the suspected entry point for the attack.

Regulatory bodies such as the Financial Services Commission and the Financial Supervisory Service have since tightened security protocols across the sector, and emergency response teams have been established to prevent spillover effects into the financial industry.

The breach demonstrates a stark reality for the telecommunications sector: even industry leaders with substantial resources and advanced infrastructure are not immune to sophisticated cyber threats. As one industry observer noted: “Your defences are only as strong as the weakest link in your supply chain."

Lessons for the telecommunications sector

The SK Telecom data breach stands as a pivotal moment for the industry, demonstrating the far-reaching consequences of cyber incidents on business continuity, customer trust and regulatory compliance.

The regulatory response and SK Telecom’s subsequent actions offer a blueprint for how telecom operators must proactively address cybersecurity risks, invest in robust protection measures, and maintain transparent communication with both regulators and customers.