Last week, South Korean telecom firm SK Telecom announced that a malware-based data breach exposed over 27 million phone numbers, jeopardising user privacy and raising concerns in the cybersecurity community. The breach apparently lasted more than three years and targeted systems at SK Shieldus, a security subsidiary split out from SK Telecom in 2021.
The attack was initially discovered by South Korea’s Ministry of Science and ICT, which revealed that malware was secretly gathering mobile phone numbers from hundreds of company clients’ SK Shieldus protection software between May 2021 and early 2024. Authorities described it as an ongoing supply chain attack that remained undiscovered for years.
Following the breach’s disclosure, SK Telecom and SK Shieldus both expressed their regret in public. About 90 customer organisations used the impacted software, which had malicious malware placed in it that allowed subscriber data to be stolen without authorisation. SK Shieldus emphasised that only mobile phone numbers were compromised, not identities, personal identification numbers, or geographical information.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: