A breach affecting South Korea’s second largest mobile carrier, KT, continues to have ramifications for the carrier.
Chosun Biz reports:
The joint public-private investigation team (hereafter, the investigation team) operated by the Ministry of Science and ICT announced interim findings on the KT hacking and breach incident on the 6th. The investigation team said that, after investigating KT’s unauthorized small-sum charges and personal data leak incident, multiple lapses in security management were revealed, including lax femtocell management, failure to report malware, delayed breach notification, and false reporting of the server disposal timeline.
KT said it first discovered on Sept. 8 that small-sum charges and personal data leaks had occurred through illegal femtocells. Analyzing KT base station access logs and payment records from Aug. 1, 2024, to Sept. 10, 2025, the investigation team confirmed that the personal information of 22,227 subscribers had been leaked through 20 illegal femtocells. It also found that 368 people suffered a total of 243.19 million won in small-sum charge damages in this incident.
Read more at Chosun Biz.