Home > National > Social Affairs

SK Telecom CEO apologizes, acknowledges SIM hacking case as worst in telecom history

Published: 30 Apr. 2025, 15:50 Updated: 07 May. 2025, 16:28

Ryu Young-sang, CEO of SK Telecom, speaks as a witness during the National Assembly’s Science, ICT, Broadcasting and Communications Committee on April 30. [JOONGANG ILBO]

Ryu Young-sang, CEO of SK Telecom, apologized on Wednesday over a major hacking incident involving SIM data, acknowledging that it was “the worst hacking case in the history of the telecom industry.”

Appearing as a witness at the National Assembly’s Science, ICT, Broadcasting and Communications Committee, Ryu agreed when Rep. Park Jeong-hun of the People Power Party (PPP) asked whether the incident was the worst ever in the telecom sector.

“Yes,” he responded. When asked again if it was because “something that should have been impossible to breach was breached,” Ryu answered again with, “Yes.”

Ryu also acknowledged that there were “procedural flaws” in the company’s delayed reporting of the breach to the Korea Internet & Security Agency, as pointed out by PPP Rep. Choi Soo-jin.

When asked by Rep. Lee Hai-min of the Rebuilding Korea Party if he could say “100 percent” that no servers other than the three Home Subscriber Servers (HSS) were compromised, Ryu replied that they would have to “wait for the results of the joint public-private investigation.”

Rep. Lee raised concerns that the breach occurred within a closed internal network.

“The question is whether the hacker only accessed USIM information once they got into the closed network,” she said. “There is even speculation that hackers may have exploited vulnerabilities in the virtual private network [VPN] and infiltrated the system for as long as a year.”

Yoo Young-sang, CEO of SK Telecom, center, speaks as a witness during the National Assembly’s Science, ICT, Broadcasting and Communications Committee on April 30. [NEWS1]

During the session, Ryu offered a formal apology.

“I apologize again regarding this cyber intrusion incident,” he said. “There were many shortcomings in our initial response. We will do our utmost to remedy the situation.”

“Replacing a USIM card takes physical time,” Ryu said. “If you first subscribe to the USIM Protection Service, I can guarantee a level of security comparable to that of a full USIM replacement.

“SK Group Chairman Chey Tae-won and SK Supex Council Chairman Chey Chang-won also did not replace their USIM cards but subscribed to the USIM Protection Service,” Ryu continued. “I, too, judged that the USIM Protection Service was sufficient without replacing my USIM, and subscribed to the service only. Even if one is not subscribed to the USIM Protection Service, we will take responsibility if damages occur due to leaked USIM information.”

Addressing concerns about users being unable to subscribe to the protection service while abroad under current circumstances, Ryu said the company would provide support at airports so travelers can replace their USIM cards before departure.

Asked whether customers should be exempt from early termination fees if they switch carriers during their contract period, Ryu said, “We’ll review the matter comprehensively.”

Second Vice Minister of Science and ICT Kang Do-hyun added that the ministry is “reviewing the legal grounds” for waiving such penalties in cases where the company is at fault.

Rep. Lee criticized the stance, saying that “the responsibility for customers leaving a telecom provider lies with the company. This should not be treated as a matter of policy review but as an obligation to provide compensation for damages.”

Rep. Choi Hyung-du of the PPP also added, “I’m receiving authentication texts from [local financial services provider] Toss, which I don’t even use. Even us lawmakers are feeling anxious. How do you think the general public must feel?”

Translated from the JoongAng Ilbo using generative AI and edited by Korea JoongAng Daily staff.
BY CHO MUN-GYU [[email protected]]