Seoul: The South Korean government announced on Friday that it will impose a fine on SK Telecom Co. for its delayed reporting of a data breach that impacted all 25 million of its users. Additionally, the company has been instructed to waive customer cancellation fees. This decision comes after a two-month investigation into what is considered one of the most significant data leak incidents in the nation's history.
According to Yonhap News Agency, SK Telecom reported the data breach in April, revealing that universal subscriber identity module (USIM) data might have been compromised during an unidentified cyberattack on its servers. The government conducted a thorough inspection of the company's 42,605 servers and discovered that 28 were infected with 33 different types of malicious code, as stated by the Ministry of Science and ICT in a press release.
The ministry identified three main factors that contributed to the malware infection: poor management of account information, an inadequate response to previous security incidents, and insufficient encryption of critical data.