NewKerala.com

Key Points

KT Corp has confirmed a major data breach affecting thousands of users' personal information. The company's CEO publicly apologized and promised full compensation to victims. Government authorities have formed a special investigation team to probe the security incident. This marks the second major telecom data breach in South Korea following SK Telecom's recent 20 million user leak.

Key Points: KT Data Breach Compromises 5561 Users in Mobile Payment Scandal

  • Personal data of 5,561 KT users compromised in mobile payment breach
  • CEO Kim Young-shub issues public apology and pledges full compensation
  • Illegal micro base stations connected to KT network caused IMSI data leak
  • Government launches joint special team to investigate the security incident
2 min read

Personal data of 5,561 users may have been compromised: S. Korea's KT

South Korea's KT Corp apologizes for mobile payment breach affecting 5,561 users, with CEO pledging full compensation amid government investigation.

"We sincerely apologise to all customers affected by unauthorized mobile payments - Kim Young-shub, KT CEO"

Seoul, Sep 11

KT Corp. said on Thursday that personal data of over 5,500 users may have been compromised in a recent mobile payment breach, issuing a public apology for the failure at the country's second-largest mobile carrier.

"We confirmed a possible leak of international mobile subscriber identity (IMSI) data affecting 5,561 users," KT said in a statement. "We reported the case to the Personal Information Protection Commission (PIPC) this afternoon and notified affected customers via text message about relief measures."

Kim Young-shub, chief executive officer (CEO) of KT, also apologised at a press conference, pledging full compensation, reports Yonhap news agency.

"We sincerely apologise to all customers affected by unauthorized mobile payments," he said. "We will do our utmost to prevent further damage and provide full compensation to victims."

Since August 27, some KT users, mostly in southwestern Seoul, have reported unauthorized mobile transactions.

The government has launched a joint special team to probe the incident.

KT said the IMSI data may have been exposed after illegal, unregistered micro base stations connected to its communication network. IMSI data, a unique identifier for each subscriber stored in a universal subscriber identity module (USIM) chip, can be misused if leaked.

It said about 19,000 customers' mobile phones had connected to the illegal base stations at least once, though not all of them experienced unauthorized financial transactions.

Of those, the IMSI data of 5,561 customers was possibly leaked, the company added.

As of Wednesday, authorities have confirmed 278 cases of unauthorized mobile payments worth 170 million won ($122,000) reported by KT users.

KT said it will support all 19,000 affected customers by replacing USIM chips free of charge and providing a USIM protection service.

The recent breach at KT came just months after SK Telecom Co. reported a massive data leak that affected more than 20 million users, raising public concerns over data protection at local telecom companies.

- IANS

Share this article:

Reader Comments

R
Rohit P
Only 170 million won compensation? That seems very low for the damage caused. In India, we've seen similar breaches where companies get away with minimal penalties. Need stricter accountability! 😠
A
Arjun K
At least they're being transparent about it and offering free USIM replacement. Many Indian companies would try to hide such incidents. Transparency is the first step toward better security.
S
Sarah B
This is concerning for digital payments users everywhere. I use multiple payment apps daily and this makes me nervous. Companies need to invest more in cybersecurity infrastructure.
V
Vikram M
The fact that this happened just months after SK Telecom's 20 million user breach shows a pattern. Telecom companies globally need to step up their security game. Jio and Airtel should take note!
K
Karthik V
Good that they reported to the privacy commission immediately. In India, we have the DPDP Act now, but implementation needs to be strict. Hope our regulators are watching these international cases.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50