Cyber Fines & Fallout: SK Telecom Profit Plunges 90% After Massive Data Breach

South Korea’s largest mobile carrier, SK Telecom, has reported a dramatic decline in operating profit for the third quarter — nearly 90% lower than in 2024. The company attributed the plunge to costs stemming from a massive data breach, along with fines and infrastructure restoration expenses following the incident.

According to the company’s report, profit fell to 48.4 billion won (approximately $34.1 million), compared with 493 billion won (around $343 million) during the same period last year. Sales dropped by 12.2%, marking the steepest decline since 2000. Management has decided to temporarily suspend dividend payments for the third quarter, promising to resume them once financial conditions stabilize.

SK Telecom clarified that the losses are linked to the aftermath of a cyberattack discovered in the spring of 2025. It was revealed that hackers had stolen the personal data of roughly 27 million customers. Investigators later determined that the intrusion had actually begun in 2022: attackers deployed 25 different types of malware that went undetected for nearly three years.

Among the stolen information were subscriber identification numbers, authentication keys, network logs, and messages stored on SIM cards. Following the investigation, South Korea’s communications regulator imposed a record fine of 134 billion won (around $96.5 million) and ordered the company to conduct a comprehensive overhaul of its information security systems. Additionally, SK Telecom offered free SIM card replacements to millions of users and suspended new subscriber registrations for two months.

To mitigate the damage and restore customer trust, SK Telecom launched a “Gratitude Program” valued at 500 billion won (approximately $349 million). The initiative includes discounted rate plans, free mobile data, and promotional vouchers. The company also waived early contract termination fees and reduced service costs by 50%. Nevertheless, these measures failed to prevent a growing customer exodus and a further decline in revenue.

SK Telecom emphasized that its top priority now is to rebuild customer confidence and transform the crisis into an opportunity to strengthen internal resilience.

In the wake of this incident, a similar breach occurred in August at Lotte Card, one of South Korea’s leading credit card issuers. Hackers gained access to the data of three million customers by exploiting a server vulnerability that had remained unpatched since 2017. The intrusion went unnoticed for nearly two weeks and was discovered only during a routine infrastructure audit.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy