Financial authorities scramble to calm fears over SKT hacking fallout

Customers line up in front of an SK Telecom store in Seoul, Tuesday, the second day of the firm's free USIM replacement service, which was launched after its subscriber USIM data was stolen. Yonhap

Financial authorities are moving swiftly to set up an emergency response unit following a hacking incident that exposed SK Telecom customers’ universal subscriber identity module (USIM) data, officials said Wednesday.

The authorities said the unit is intended to strengthen security inspections amid growing public concerns that the leak could lead to secondary damage such as financial fraud.

They added that no unusual signs — such as a spike in unauthorized authentication attempts — have been detected in the financial sector.

Earlier in the day, Kwon Dae-young, secretary-general of the Financial Services Commission (FSC), presided over a coordination meeting with the Financial Supervisory Service (FSS) and other related associations to discuss response measures following the cyberattack against SK Telecom first identified on April 18.

“If the SKT hacking incident escalates into a financial security issue, it could lead to significant harm and trigger widespread public concern,” Kwon said. “We must stay alert and collaborate closely to guarantee that the public can continue their financial activities with confidence.”

The FSC noted that while no unusual signs of unauthorized authentication attempts have been detected so far, it is establishing a swift communication system and maintaining an ongoing response posture through the emergency response unit in preparation for potential financial incidents.

The country’s top financial regulator also required banks and other financial institutions to provide daily updates on their response efforts and any significant developments.

It stressed the importance of rigorously following security protocols in collaboration with key agencies, including the FSS and the Financial Security Institute (FSI), to prevent potential harm, while ensuring that vulnerable groups, such as the elderly, are protected from emerging risks.

“There is a need for intensified monitoring of unusual financial transactions. We will promptly share relevant information with financial institutions to enable a swift response,” an FSI official said.

Financial Services Commission Chairman Kim Byoung-hwan, left, reviews the materials at the National Assembly's pension reform special committee meeting, Wednesday. Yonhap

On Tuesday, FSC Chairman Kim Byoung-hwan attended a National Assembly session. “While it is difficult for us to verify the technical aspects and issues related to illegal copying, we are guiding financial institutions to strengthen their identity verification procedures and implement alternative methods beyond SKT’s SMS authentication," he said.

His comments were in response to a remark made by lawmaker Kim Seong-won of the ruling People Power Party, who stated, "the biggest concern of the public is that the USIM data breach could directly lead to financial sector issues."

The FSS, the nation's financial watchdog, distributed a notice to all financial institutions on April 24 advising them to consider alternative authentication methods if verification is only completed through mobile phone or SMS-based authentication.