Telecommunications / Mobile Network Operator / Consumer / South Korea
South Korea's largest mobile-network operator.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
On April 19, 2025, SK Telecom detected BPFDoor malware on its network and disclosed that USIM data for about 27 million subscriber numbers was exposed, including phone numbers, IMSI values and device/USIM information. The malware had gone undetected for roughly three years across 23 servers.
Full threat analysis, exploitation vectors, and principal guidance below.
9 additional sections · verified field analysis · defensive doctrine
15k rows records analyzed
SK Telecom is South Korea's largest mobile-network operator, serving tens of millions of subscribers.
A mobile operator holds subscriber SIM/USIM data including phone numbers and IMSI values, device information and carrier account data.
SK Telecom detected the malware in April 2025 and later determined the intrusion had persisted for nearly three years; it undertook a mass USIM-replacement program.
As South Korea's largest carrier, the breach triggered a massive USIM-replacement effort, regulatory scrutiny and national concern over telecom security.
A telecom breach: subscriber and device data supports SIM-swap, account takeover and location inference. For a high-profile principal the main risk is credible impersonation and enrichment of existing exposure.
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation