[Q&A] SKT: "Cloned Phones Cannot Make Unauthorized Calls or Send Texts"

# SK Telecom Calms Subscriber Fears Amid SIM Cloning and Hacking Incident SEOUL – In response to last month's reported hacking incident, SK Telecom has taken steps to reassure subscribers about the security of their SIM cards and the improbability of cloning. Executives addressed these concerns during a press briefing at their central Seoul headquarters, emphasizing the robustness of their protective systems in preventing unauthorized use of cloned devices. “The SIM Protection Service and Fraud Detection System (FDS) are fully functional, thwarting any attempts to clone phones. Even if cloning were feasible, unauthorized access to calls or text services would not be possible,” stated a company executive. The incident, which occurred on April 18, involved the exposure of SIM-related information, igniting subscriber fears about potential financial losses or breaches in personal communications. However, SK Telecom remains confident that such risks are highly unlikely. Below is a Q&A session with Jeong-hwan Ryu, Head of the Infrastructure Strategy and Technology Center (Vice President), Yoo Young-sang, CEO of SK Telecom, and reporters. ### Q&A with SK Telecom Executives **Can hackers access bank accounts if they hack SIM card information?** **Ryu**: According to the government’s joint investigation announced on April 29, only SIM-related information was leaked. There was no compromise of financial asset or authentication information. Therefore, financial loss concerns are unwarranted. **Can a cloned SIM card capture all texts or app data stored on a smartphone?** **Ryu**: A SIM card has two components: one for network connectivity and authentication, and another for physical memory storage. This incident involves only the network-connectivity component. Unless the physical SIM is stolen, personal data stored in the SIM’s memory is unaffected. **Does a SIM card function like a social security number, containing all personal and financial data?** **Ryu**: Not at all. Personal data concerns only arise if the physical memory of the SIM is stolen, which is not the case here. **Could someone secretly make calls or send texts using a cloned phone?** **Ryu**: With the SIM Protection Service and FDS in place, SIM cloning is impossible. Even if cloning happened, two devices could not register at the same network location simultaneously, preventing covert usage. **Should users replace their SIM cards even if they are subscribed to the SIM Protection Service?** **Ryu**: No. Our triple-layered protocol comprises FDS, the SIM Protection Service, and a SIM Card Replacement Service. The first two are usually sufficient, but for extra assurance, users can opt for a SIM replacement. Notably, the SIM Protection Service requires users to disable it before altering their SIM configuration. **If a server was hacked, wouldn’t SIM replacement be pointless?** **Ryu**: These servers store only SIM-related information. Therefore, replacing SIM cards eliminates any associated risk. **Are there reports of malware in billing analysis systems?** **Ryu**: The joint task force is investigating this matter. We will update once findings are available. **Is extra security needed for banking apps after SIM replacement or enrolling in the SIM Protection Service?** **Ryu**: No. Banking procedures do not depend on SIM storage. Additional authentication like official certificates is still required, independent of the SIM card. **Is there new SIM inventory, and should customers visit stores for replacements?** **Ryu**: No such notification has been issued. Customers will receive messages from ‘114’ once inventory replenishment is complete. Verify the sender’s number for authenticity. **Can voice recordings from AI assistants like ADot be stolen via SIM cloning?** **Ryu**: No. ADot’s voice recordings are stored in physical memory, unaffected by this breach. **When will the SIM supply shortage be resolved?** **Yoo**: We have expedited orders for additional SIM cards. However, shortages may persist until around the 15th of this month. Our layered security, including FDS, remains effective even before replacements. **Is SK Telecom considering courier delivery of SIM cards or reimbursement for store visit transportation?** **Yoo**: Due to the current SIM shortage and limited in-store manpower, we are utilizing our customer service network. While courier delivery may be considered later, transportation reimbursement has not been thoroughly reviewed but will be evaluated. **Why wasn’t the disaster alert system used to notify customers about the breach?** **Ryu**: The disaster alert system covers all citizens and cannot be used solely by SK Telecom. SK Telecom advises customers to stay vigilant against misinformation and rely only on official communications from the company via verified channels. --- hyun0@yna.co.kr