NewKerala.com

Key Points

SK Telecom is facing potential record-breaking penalties for a significant data breach that exposed information of 25 million customers. The Personal Information Protection Commission will meet next week to determine the exact financial punishment. Under current laws, the telecom giant could be fined up to 3% of its total sales, which could translate to over 300 billion won. The incident has already prompted the company to offer free USIM replacements and may lead to broader service contract adjustments.

Key Points: SK Telecom Faces Massive Fine for 25M User Data Leak

  • Potential fine could exceed 300 billion won
  • Breach affected 25 million mobile service users
  • Regulator investigating data protection violations
  • Company to offer free USIM replacements
2 min read

Regulator to decide penalties for SK Telecom over major data leak next week

South Korea's regulator to decide penalties for SK Telecom's major data breach affecting millions of mobile customers next week

"Fixed-line services, including internet and TV, are usually sold as a combination - Korea Communications Commission"

Seoul, Aug 21

The data protection regulator here said on Thursday it will hold a plenary meeting next week to decide penalties against SK Telecom Co. over a major data breach that affected tens of millions of customers.

The Personal Information Protection Commission (PIPC) said it will convene the closed-door session next Wednesday to review proposed penalties against the country's largest telecom operator by user numbers.

The results, however, may not be finalised if the commission's members require further discussions, reports Yonhap news agency.

In April, SK Telecom belatedly reported the breach, in which universal subscriber identity module (USIM) data was potentially leaked during a cyberattack on its servers, prompting the company to offer free USIM replacements to around 25 million users.

The regulator earlier wrapped up an investigation into the data breach and notified SK Telecom of its planned measures late last month.

Under the personal information protection law, companies can be fined up to 3 percent of their total sales, although sales from areas unrelated to the violation can be excluded from the calculation.

Considering SK Telecom's sales of 12.77 trillion won (US$9.13 billion) last year from its mobile communications division, the company could face a record fine of more than 300 billion won.

The PIPC fined Google and Meta a combined 100 billion won in 2022 for collecting personal information without users' consent, which marked the highest penalty ever by the regulator.

South Korea's telecom watchdog also ordered SK Telecom Co. to partially waive cancellation fees for non-mobile services following a major data breach that affected its 25 million mobile service users.

The move came after the country's top carrier decided to limit the waiver of cancellation fees to mobile service customers.

The dispute resolution committee of the Korea Communications Commission said customers' cancellations of their contracts, including non-mobile services, with SK Telecom are an "inevitable measure" sparked by the company's negligence.

"Fixed-line services, including internet and TV, are usually sold as a combination," the commission noted in a release, acknowledging that cancellation fees for such services are considered damage caused by the data breach.

- IANS

Share this article:

Reader Comments

R
Rohit P
₹300 billion fine? That's serious money even for a telecom giant. Hope this sets an example for Indian telcos too. We've had our share of data leaks but penalties are usually just a slap on the wrist.
A
Ananya R
Good that they're offering free USIM replacements, but that's the bare minimum. People's personal information is priceless. Companies need to invest more in cybersecurity rather than cutting corners.
V
Vikram M
Belatedly reported in April? That's the real issue here. Companies try to hide breaches until they can't anymore. Transparency should be mandatory from day one of discovering any breach.
S
Sarah B
While I support strong penalties, I hope the regulator considers that excessive fines might ultimately be passed on to consumers through higher prices. There should be balance in punishment.
Karthik V
The waiver of cancellation fees for all services is the right move. Why should customers bear any cost when the company failed to protect their data? Hope Indian regulators learn from this approach.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50