Seoul: KT Corp.'s chief acknowledged Wednesday that the company had poorly managed micro base stations linked to recent unauthorized mobile payment breaches.
According to Yonhap News Agency, "After the incident, we reviewed the management of femtocells and found numerous vulnerabilities and poor management," Kim Young-shub, chief executive officer (CEO) of KT, said during a parliamentary hearing. "We have since taken measures to prevent illegal femtocells from connecting to the network."
A femtocell is a small, low-power cellular base station, typically designed for use in homes or small businesses. Kim said KT outsources their installation and management.
The company revealed that unregistered femtocells were connected to its network around late August, gaining access to private data of 362 users, with damages estimated at 240 million won (US$173,000).
Kim also mentioned that KT is expanding its analysis to all authentication data, following lawmakers' concerns that the company's probe had focused only on breaches involving the automated response system (ARS).
"Analysis takes time, so we initially reviewed ARS data. We are now analyzing all authentication methods, including short message service," Kim stated, adding that the company is assessing the full scale of the damage.
KT earlier explained that hackers had intercepted ARS calls intended to authorize mobile payments in some of the reported cases.