SK Telecom stores in Seoul were overwhelmed by customers rushing to replace their SIM cards on April 27, days after a data breach triggered widespread anxiety among subscribers.
By around 2:40 p.m., a sign reading “No SIM cards available today” was posted at one SK Telecom outlet in Jung-gu, central Seoul. The company had announced on April 25 that it would begin offering free SIM card replacements nationwide from April 28, but concerned customers began flocking to stores over the weekend.
Seo, a 43-year-old office worker living nearby, said he visited the store but was turned away. A store employee said SIM stocks had already run out on April 26 after the company announced it would later reimburse customers who replaced their SIMs at their own expense.
Over the weekend, major outlets reported long queues, with some posting notices that SIM cards were out of stock. Online forums were flooded with accounts from users who said they had visited multiple stores before securing a replacement.
“Even under normal circumstances, major stores in the Seoul metropolitan area carry at most 200 SIM cards. The sudden spike in demand simply overwhelmed the system,” an industry official said.
Despite the rush, security experts urged caution, saying fears may be overstated. It remains unclear whether any personal information beyond SIM card data was leaked.
“The concern that leaked SIM information could easily lead to misuse is exaggerated based on what we know so far,” said Jang Hang-bae, a professor of industrial security at Chung-Ang University. “While risks cannot be ruled out entirely, the available evidence does not justify excessive alarm.”
In 2023, LG Uplus suffered a breach affecting about 290,000 customers, leaking SIM details along with names, birth dates, addresses and emails. However, no cases of phone cloning or fraud linked to the incident have been reported.
Following a series of SIM-swapping attacks in 2022 that led to thefts of virtual assets from KT customers, South Korean telecom operators developed a fraud detection system (FDS) in collaboration with police. The system shuts down cloned devices that attempt to connect using stolen SIM information, and remains in operation today.
This system may be helping to prevent damages from the current breach, though experts noted vulnerabilities remain if the original phone is turned off or set to airplane mode.
Customers are also encouraged to use telecom carriers’ “SIM Protection Services,” which prevent SIM cards from functioning on unregistered devices.
“For now, signing up for your carrier’s SIM protection service is the most rational precaution,” said Kim Seung-joo, a professor at Korea University’s Graduate School of Cyber Security and Privacy.
Concerns that leaked SIM data alone could enable unauthorized access to bank accounts are also seen as overstated. “Even if a cloned phone is created, financial certificates, OTPs and account passwords are still required for electronic transactions,” Kim said.
However, experts criticized SK Telecom and authorities for the slow pace of the investigation, with little information released nearly a week after the breach was discovered.
“If there were obvious traces, the hackers would not have penetrated the telecom’s security network,” said one cybersecurity expert, suggesting the breach was highly sophisticated and may take time to fully investigate.
Lee Hee-jo, a professor at Korea University, said, “The government and SK Telecom need to release their findings quickly to calm increasingly anxious customers.”
