The government has requested KT to waive termination fees for all its users. On the 29th, the Ministry of Science and ICT held a briefing at the Government Complex in Seoul, stating that the “incident involving unauthorized micro-payments for KT users that occurred in August to September” constitutes a reason attributable to the company, thus necessitating the waiver of termination fees as per the terms of service for all KT users. This conclusion was reached based on an investigation by a joint public-private task force and legal consultations.
According to the task force, a security breach exploited illegal femtocells (small base stations), resulting in the leak of IMSI (International Mobile Subscriber Identity), IMEI (International Mobile Equipment Identity), and phone numbers of 22,227 individuals, and inflicted unauthorized micro-payment damage amounting to about 243 billion won on 368 people. Second Vice Minister of Science and ICT, Ryu Jae-myung, explained that the breach confirmed that the interception of SMS and voice call information was possible from user devices connected to illegal femtocells. As the risk was not limited to a few users but exposed all KT users, it was determined that termination fees should be waived for everyone. However, it was found there was no trace of actual eavesdropping or interception of voice calls.
Additionally, the Ministry has decided to impose a fine on KT for failing to report the detection of malware infection on their servers, as stipulated by the Information and Communications Network Act. KT had identified malware infections, such as BPFdoor (an alleged backdoor by a Chinese hacker group) and web shells (malicious codes allowing remote server access), during internal security checks from March to July last year but removed the malware internally without reporting it.
Unlike the hacking incident involving SK Telecom earlier this year, which resulted in sales suspension measures due to a shortage of replacement USIM stock for existing users, no such measures were taken against KT. Vice Minister Ryu clarified that the SKT action was due to the verification of the USIM stock shortage, necessitating the suspension of new sales as administrative guidance, whereas the KT incident did not involve any factors requiring USIM replacement measures.
Furthermore, the government requested a police investigation into both KT and LG Uplus for obstructing the government investigation related to the server information leak disclosed in the U.S. security magazine Phrack in August. The task force judged that KT falsely reported the timeline for discarding related information, leading to a referral to the police in October for charges of obstructing official duties through deceit. LG Uplus was also subject to a police referral earlier this month, as essential servers connecting to the APPM (password management solution) server were either reinstalled or discarded, rendering investigation impossible.
KT has stated it will thoroughly accept the investigation results and plans to announce its customer compensation and information security innovation measures promptly. LG Uplus has also expressed its commitment to cooperating sincerely with the police investigation.