South Korean Government Fines ‘Negligent’ SK Telecom, Company Vows Increased Cybersecurity Investment
SK Telecom fined for data breach, ordered to enhance security measures; will invest 700 billion won in data protection over five years
(Reuters) – South Korean authorities has ordered SK Telecom to strengthen data security and imposed a fine after the country’s biggest mobile carrier was hit by a cyberattack that caused the leak of 26.96 million pieces of user data.
The measures come after SK Telecom in April disclosed that it had suffered a major leak of customer data caused by a malware attack. Shares in SK Telecom closed down 5.6% on Friday.
“SK Telecom failed to fulfil its duty of care to protect USIM data and did not comply with relevant regulations,” the Ministry of Science and ICT said in a statement.
“Therefore, the company is deemed negligent in this incident,” the ministry said as it announced the results of the government’s probe into the data leak.
USIM refers to universal subscriber identity module cards used in smart phones.
The ministry said it would impose a fine of up to 30 million won ($21,970), and SK Telecom must enforce security measures at least once a quarter, have its chief executive officer directly oversee data governance, and increase personnel and investment in data security. (Note: USD $1 = 1,363.5200 won)
SK Telecom Unveils New Measures, Investments for Better Cybersecurity
Following the government’s announcement, the telecom provider unveiled a variety of measures to compensate its affected customers and beef up information protection.
The company will invest about 700 billion won ($513.38 million) over five years for data protection and give a discount of 50% for August subscription fees for all of its 24 million customers, it said in a statement.
“All SK Telecom executives and employees take the results of the public-private joint investigation very seriously and once again sincerely apologise to customers and society for the cyber breach incident,” SK Telecom CEO Ryu Young-sang said.
The company also slashed its forecast for 2025 revenue by 800 billion won to reflect the cost of about 500 billion won for the customer benefit package in relation to the cyber breach incident, the company said in a regulatory filing.
Science Minister Yoo Sang-im called the case “a wake-up call for information protection” for the overall network infrastructure.
SK Group Chairman Chey Tae-won apologised last month for the data leak and SK Telecom said it would take full responsibility for any harm caused as a result of the breach, which has caused alarm among its 23 million users over the possible theft of personal and financial information.
The mobile carrier said it would start offering USIM replacements to all 23 million users for free at more than 2,600 retail stores nationwide following the cybersecurity breach.
About 9.39 million users have replaced their USIMs as of late June, according to SK Telecom.
