SK Telecom experienced a large-scale breach that exposed universal subscriber identity module (USIM) data affecting roughly 23 million subscribers. Attackers entered systems after gaps allowed access between internet-facing systems and the internal management network. Intrusion detection logs were not reviewed while attackers mapped infrastructure and extracted authentication data from core systems. Administrators stored thousands of server credentials in plaintext on a management server, including 4,899 usernames and passwords for 2,365 servers and unprotected access to Home Subscriber Server (HSS) databases. The Personal Information Protection Commission found multiple failures across defensive layers and imposed a record ₩134.5 billion fine.
The company allegedly didn't check logs from intrusion detection systems so it ignored anomalous behavior while attackers quietly mapped out the operator's infrastructure. In one particularly damning finding, the PIPC report said administrators had dumped thousands of server credentials in plaintext on a management network server. Around 4,899 usernames and passwords for 2,365 servers were just sitting there, without so much as a password protecting access to Home Subscriber Server (HSS) databases, the regulator claimed.
The case stems from a breach disclosed in April, when SK Telecom admitted that hackers had swiped the universal subscriber identity module (USIM) data of almost 27 million subscribers. The Personal Information Protection Commission (PIPC) said that the country's biggest carrier "did not even implement basic access controls" between its internet-facing systems and internal management network. As a result, attackers were able to infiltrate SKT's core systems, extract authentication data, and siphon off subscriber information at scale.
Collection
[
|
...
]