Seoul: Servers at SK Telecom Co. containing personal information and universal subscriber identity module (USIM) data of all subscribers have been compromised in a cyberattack, raising concerns that critical USIM data used in financial transactions may have been leaked, a joint government-private investigation team said Monday.
According to Yonhap News Agency, the team's interim findings reveal that the breach dates back to June 15, 2022, when unidentified attackers are believed to have planted malware on the company's servers. A total of 23 SK Telecom servers were compromised, all of which store four types of USIM data, including international mobile subscriber identity (IMSI) information.
The IMSI is a unique identifier for each user on a network and could potentially be exploited in financial transactions. Among the affected servers, two had been used as temporary storage for personal data, such as names, birthdays, phone numbers, and email addresses.
Investigators are still working to determine the exact scope of data stored on those two servers. SK Telecom detected the breach on April 18.