SK Telecom has come under criticism for reporting inadequate information to the relevant authorities after its subscriber identification module (USIM) information was stolen in a hacking attack, leading to confusion in initial responses.
On the 29th, according to data submitted to Chairperson Choi Min-hee of the Science and Technology Information and Communications Committee of the National Assembly by SK Telecom and the Korea Internet & Security Agency (KISA), the company reported the internal system hacking incident to the authorities two days late despite being fully aware of it.
On April 18, at around 11:20 p.m., SK Telecom first confirmed traces of malware infection and file deletion on its charging analysis equipment (WCDR). By 11:40 p.m. on the 19th, it further identified indications of USIM information leakage from its 'Home Subscriber Server' (HSS) that manages key subscriber information. The company reported the related facts to KISA at 4:36 p.m. on the 20th, two days after its initial awareness.
In the report submitted to KISA, SK Telecom only noted that 'malware was installed on its equipment by an unidentified individual presumed to be an unknown hacker, leading to suspected system file leaks.' There are claims that the company deliberately concealed clear factual circumstances. Choi noted, "By delaying the report of the incident to KISA, SK Telecom may have intentionally attempted to cover up the damage it had already identified."
From Chairperson Choi's perspective, a lack of immediate recognition of the severity of the matter arose from KISA's reading of SK Telecom's report. In fact, there have been controversies surrounding claims that KISA is 'looking the other way' regarding SK Telecom's incident.
However, KISA informed Choi's office that 'SK Telecom only reported that the signs of intrusion had been confirmed at the time of the report, and did not specify that malware infection or data leakage had been confirmed.' KISA stated that even after the report, it had not been informed of any evidence of intrusion by hackers, nor had it confirmed malware or file leakage.
Choi stated, "It must be clearly established whether SK Telecom intended to conceal or downplay the hacking incident," adding, "Given that this is a matter related to the basic communication safety and information sovereignty of the public, I will thoroughly seek accountability in the National Assembly hearing and ensure that practical measures to prevent recurrence are implemented."