SK Telecom Co. said Tuesday around 280,000 users have received new universal subscriber identity module (USIM) chips through its free replacement program, launched in response to a recent hacking incident.
As of 9 a.m., some 4.32 million users had also booked USIM replacements online, according to the company.
The service began at 10 a.m. on Monday, with about 2,600 retail stores nationwide also participating in the replacement effort.
Some 25 million SK Telecom subscribers, including nearly 2 million budget phone users, are eligible for the replacement service.
The move followed a cyberattack detected on April 18, in which SK Telecom discovered signs of a large-scale leak of customers' USIM data. In response, the company pledge d to take swift action and launched the replacement program.
Authorities believe the data was leaked from SK Telecom's main server despite the company rejecting the claim.
"I don't know why SK Telecom denied that," Choi Jang-hyuk, vice chairperson of the Personal Information Protection Commission, told reporters in a briefing. "I think it would be right to view the leak as coming from the main server."
Choi said the watchdog is currently looking into the case with a focus on whether proper security measures were taken for the main server that stored USIM data. He declined to elaborate on the leak, noting the probe is at an early stage.
He also said SK Telecom will likely face a fine on a "different level," compared to the 6.8 billion won ($4.7 million) levied against another telecom carrier, LG Uplus Corp., in 2023 over a data leak of around 300,000 users.
"LG Uplus was before the revision to the Personal Information Protection Act, the fine (for SK Telecom) is likely to be far higher than that," Choi said.
With the legal revision, companies can be fined up to 3 percent of their total sales, although sales from areas unrelated to the law violation can be excluded from the calculation.
SK Telecom has also asked its subscribers to register for its USIM Protection Service, which it said offers the same level of defense against illegal financial activity as replacing the USIM card itself.
About 8.72 million people have signed up for the protection service so far, it added.
Combined with replacements and reservations, the total number of users who have taken protective steps stood at 13.31 million, the company said.
SK Telecom emphasized that no financial incidents, such as unauthorized transfers, have been reported using the stolen data so far.
However, cybersecurity experts caution that hackers could still exploit the stolen USIM information for phishing attacks via text messages, KakaoTalk or email.
The Korea Internet & Security Agency has asked the public not to click on smishing messages, or SMS phishing messages, but to report such activity to the agency. (Yonhap)
