It also announced plans to request a criminal investigation because the company did not follow a data preservation order during the investigation.
Investigators checked all 42,605 of SK Telecom’s servers and found 28 infected with 33 types of malware, more than were found in a previous review. The leaked information stayed the same, covering 25 categories such as phone numbers and subscriber IDs.
The timeline was also updated, revealing the first infection is now believed to have started in August 2021, earlier than the previous estimate of June 2022.
This comes as a joint team from the government and private sector, led by the Ministry of Science and ICT, found that SK Telecom failed to protect SIM card data and broke the Information and Communications Network Act.
SK Telecom’s current policy states customers don’t have to pay a penalty if they cancel service “due to the company’s fault.” Since SK Telecom was at fault, customers who want to leave should not be charged.
The telecom giant also broke the Information and Communications Network Act by reporting the breach too late, after the 24-hour deadline, which could lead to a fine of up to 30 million won under Article 76.
The Ministry of Science and ICT had told SK Telecom to preserve data for analysis, but the company handed over two servers in a state that made proper investigation “impossible.” As a result, the government plans to ask for a criminal investigation.
Last month, SK Telecom CEO Ryu Young-sang said the company could lose more than seven trillion won ($5.1 billion) over three years if the penalty fees are dropped.