A government and private sector investigation team is looking into the recent major data breach at SK Telecom. They have now widened their check to include two other top South Korean mobile carriers — KT and LG Uplus.
Industry sources said on Monday that investigators carefully inspected the servers of KT and LG Uplus but found no signs of hacking or data leaks so far.
At first, the investigation team had only asked local telecom companies and platform businesses to run their own cybersecurity checks. But last week, they changed their plan and decided to directly check the systems of the other telecom companies themselves. This change happened because there were growing worries about hackers using BPFDoor malware variants. Investigators feared the attacks might target other Korean telecom providers, not just SK Telecom.
The investigation’s early findings showed that on SK Telecom’s side, 25 malware programs were discovered on 23 servers. Out of these, 24 were variants of BPFDoor malware, and one was a variant of WebCell malware.
Two of the affected SK Telecom servers stored sensitive personal data, including people’s names, birth dates, phone numbers, email addresses, and IMEI numbers (the unique identification number of each mobile device).
The IMEI is especially sensitive because it can potentially be misused in financial transactions or identity fraud.
SK Telecom first discovered the breach on April 18 and immediately began investigating the extent of the attack.
For now, as SK Telecom works to fix the damage, investigators report the good news that KT and LG Uplus systems show no evidence of compromise.
