On the 25th, SK Telecom, which was subjected to a hacking attack, revealed its customer information protection policy by introducing a "free replacement of USIM (Subscriber Identification Module)." Experts assessed that SK Telecom's measures are "a proactive approach to completely block the misuse of leaked information."
Ryu Young-sang, president of SK Telecom, held a press conference at the SK Telecom headquarters in Euljiro, Jung-gu, Seoul, and noted that the company will provide free USIM cards to all customers, including those wanting to switch providers, starting from the 28th at national stores and airport roaming centers. The company plans to retroactively apply this program to customers who changed their USIM at their own expense between the 19th and the 27th.
Ryu said, "While the investigation is still ongoing, this is an additional measure to alleviate the concerns of customers who continue to feel anxious," adding, "We will continue to strengthen technology to block USIM duplication and will enhance services to protect USIMs even while roaming abroad."
In addition, SK Telecom is implementing customer information protection measures, including enhancing the Fraud Detection System (FDS) to block abnormal authentication attempts and informing consumers about the free service called "USIM protection." This service blocks others from duplicating or stealing USIM information to access communication services on different devices.
SK Telecom claimed that, to date, only indications of USIM-related information being leaked have been found, and that key personal information, such as addresses and resident registration numbers, has not been hacked. The company also stated that no cases of misuse of the leaked information have been discovered. However, concerns have been raised that if the stolen USIM-related information is misused, there could be a risk of creating duplicate smartphones, leading to larger damages.
Experts analyzed that utilizing SK Telecom's measures, including ▲ USIM replacement, ▲ FDS enhancement, and ▲ USIM protection services, can fundamentally block the misuse of stolen information. Yeom Heung-yeol, chairman of the Korea Personal Information Protection Council and a professor at Soonchunhyang University, said, "The free replacement of USIMs is a practical and appropriate way to regain customer trust from a technical perspective," explaining, "This is because the information stolen by hackers becomes unusable." He noted that assuming only USIM-related information was leaked, merely "replacing the USIM" could fundamentally block illegal use or misappropriation of smartphones.
Jang Hang-bae, a professor at Chung-Ang University’s Department of Cyber Security, also assessed that SK Telecom's "free USIM replacement" is "a way to prevent potential misuse in advance and minimize the variables for theft." He explained, "If advanced hacking techniques are used to exploit the information stored in the USIM, it is possible to deceive security measures to access communication services. By replacing the USIM, this potential for misuse can be significantly reduced."
Lee Jong-hoon, head of the Infrastructure Strategy Division at SK Telecom, stated, "We believe that replacing the USIM can provide a fundamental solution to the abuse of some information that is presumed to have been leaked," adding, "We will establish measures to prevent recurrence based on the results from the government investigation team in the future." He continued, "Even with FDS and USIM protection services, the effect corresponding to the replacement exists," while noting that "the free replacement provides an additional option to ultimately alleviate customer anxiety."
SK Telecom's free USIM replacement came just seven days after the hacking attack was detected. It is the customer information protection measure implemented five days after reporting the fact to the Korea Internet & Security Agency (KISA).