South Korea's largest mobile operator, SK Telecom, has been the target of a cyberattack that compromised the personal data of approximately 27 million subscribers. The breach, which began in 2022 and persisted for about three years, involved malware infection on 18 servers, including critical customer information systems. The leaked data includes USIM card details, names, phone numbers, and IMEI numbers, with an estimated 300,000 IMEI numbers specifically at risk. Authorities suspect a Chinese hacker group is behind the attack, which appears to have been politically motivated rather than financially driven, as no ransom demands were made. The South Korean government and a public-private investigative task force have uncovered 21 types of malware related to the breach. SK Telecom has stated that it has implemented systems to block cloned USIMs and devices. Meanwhile, the police have initiated investigations into SK Telecom executives, including Chairman Chey Tae-won, amid allegations of delayed response and inadequate information security management. The Personal Information Protection Commission has called the incident a serious threat to public trust in the digital and AI era and promised strict sanctions for legal violations. The investigation has yet to identify the perpetrators conclusively. The incident has raised concerns about national security implications and triggered potential class-action lawsuits from affected customers.