Seoul: KT Corp. has announced the detection of 20 illegal micro base station identifications (IDs) suspected of facilitating unauthorized mobile payment breaches, affecting 368 users with financial losses amounting to 240 million won (US$169,300). The company conducted a thorough review of 150 million mobile payment transactions between August 1, 2024, and September 10, 2025, which included 84 million micropayments and 63 million direct carrier billing (DCB) payments.

According to Yonhap News Agency, KT’s examination included the analysis of 4.03 trillion cases of network access records to trace log data from illegal micro base stations, commonly referred to as femtocells. This investigation led to the identification of 20 illegal femtocell IDs accessing its network, an increase from four IDs noted in the initial report, with connection records affecting approximately 22,200 users. Among these, 368 users suffered financial damages through unauthorized micropayments totaling around 240 million won.

The unauthorized connections were first reported on October 8 of the previous year, with affected areas growing from Seoul and its surrounding regions to the eastern province of Gangwon. KT has confirmed that while unauthorized micropayments were identified, no unauthorized payments occurred through DCB transactions. Additionally, no illegal payment attempts have been detected since September 5, when KT blocked all suspicious micropayment activities.

Despite criticism regarding KT’s alleged failure to encrypt SMS data used in micropayment processes, the company has refrained from commenting, citing an ongoing government investigation. Following the public attention from unauthorized micropayments reports in late August, the government established a joint public-private investigation team to scrutinize the incident. However, authorities have accused KT of non-cooperation and hindering the investigation, prompting a request for a formal police inquiry.

KT has stated, “We have reported the results of the examination to relevant authorities, including the Personal Information Protection Commission (PIPC). We apologize for the delay in completing the review and will fully cooperate with the government and police in their ongoing investigation.”