 |
Photo = FSS |
[Alpha Biz= Paul Lee] The Financial Supervisory Service (FSS) has issued an advisory to financial institutions regarding the recent SK Telecom hacking incident, warning of potential risks that hackers may attempt to bypass phone-based authentication systems (e.g., SIM card cloning) and engage in fraudulent financial transactions.
On April 24, the FSS distributed a document titled "Precautions Regarding the SK Telecom SIM Card Hacking Incident" to all inspected financial institutions. The document stated that around April 19, external attacks led to the leakage of SK Telecom's SIM card-related information. While the full extent of the data breach has not been confirmed, the FSS urged financial institutions to consider adding extra authentication methods for mobile financial services that rely solely on phone-based authentication or SMS verification.
The FSS also recommended that financial institutions strengthen monitoring by requiring additional authentication for customers whose device information changes. Furthermore, they advised financial apps to implement measures such as voice phishing prevention (FDS) and to guide customers to contact their telecom providers if their phones stop working.
In case of suspicious financial activity, the FSS emphasized that financial institutions should immediately report the incident according to the relevant laws and regulations on electronic financial transactions.
Following the FSS advisory, some insurance companies took proactive steps by suspending the use of SK Telecom’s authentication service. KB Life Insurance halted the use of SKT’s authentication, and NH Nonghyup Life announced that it would follow suit by suspending SKT authentication starting next week.
This advisory underscores the need for vigilance in light of potential security threats to financial transactions due to the recent breach.
Alphabiz Reporter Paul Lee(hoondork1977@alphabiz.co.kr)
