Personal information belonging to 5,561 people was leaked in the wake of KT's unauthorized micropayment scandal, the company admitted Thursday. After initially denying that a breach had occurred and drawing criticism for its slow response, KT said it would "fully compensate" all affected customers.
"Our internal investigation confirmed signs that some customer IMSI [International Mobile Subscriber Identity] data had been leaked through illegal micro base stations, and we reported the case to the Personal Information Protection Commission," KT said during a press conference held Thursday at its office in Gwanghwamun.
"We apologize for the anxiety and concern caused by this small payment case," said KT CEO Kim Young-shub. "We have mobilized all resources to implement technical measures preventing further damage, and we will ensure 100 percent compensation for affected customers."
KT said it discovered two illegal micro base stations within its network this year. About 19,000 customers received signals from them, and signs of IMSI leakage were found in 5,561 cases, all LTE users, according to the head of KT's network technology division, Koo Jae-hyung.
Changing stance
KT has faced mounting criticism for reversing its position within a day.
KT said Tuesday that there was "no evidence of personal data hacking." On Wednesday, however, Koo said at a Science Ministry briefing that "it had nothing to do with USIM hacking." KT also failed to take immediate action after the first damage report was filed on Aug. 27 and after the police were notified on Sept. 1.
The company apologized Thursday for previously denying any data leaks.
KT said it will offer free SIM card protection and replacement services to all 19,000 customers who received signals from the illegal base stations. Customers have already been sent text messages with links for checking whether their data was affected, as well as for SIM card replacement and enrollment in protection services.
Asked whether contract termination fees would be waived for customers wishing to switch carriers, KT said, "We will review that option from the customer's perspective."
Starting Friday, KT will require biometric authentication for all micropayments. It also plans to roll out a new detection and blocking system for unauthorized payments.
What comes next
Authorities must now determine whether more data was leaked. IMSI alone cannot be used for micropayments, so investigators are working to identify what information was exploited and how it was used.
"It is unlikely that only IMSI data was leaked," said one telecom industry source. "It is possible KT still does not fully understand the scope of the incident."
Both a joint public-private investigation and a police probe are ongoing to determine the cause of the breach, including the characteristics of the involved fake base stations and methods of unauthorized access. Investigators are also considering whether an insider was involved.
"It is clear that whoever did this has significant technical knowledge of telecommunications but we cannot yet confirm if it was an insider," Koo said.
This article was originally written in Korean and translated by a bilingual reporter with the help of generative AI tools. It was then edited by a native English-speaking editor. All AI-assisted translations are reviewed and refined by our newsroom.
BY KIM NAM-YOUNG, YU SUNG-KUK [[email protected]]