It was analyzed that there is no possibility of damage from creating a cloned phone because the SIM information authentication key was not leaked.
KT held a briefing at its Gwanghwamun headquarters in Seoul on the 18th to explain the "additional damage from small-amount payment hacking" and said so.
That day, KT said it found that a total of about 20,000 people had received signals from four unregistered illegal micro base stations and announced that it had identified indications that the international mobile subscriber identity (IMSI), international mobile equipment identity (IMEI), and mobile phone numbers were leaked through the base station IDs. KT had acknowledged the IMSI leak but had denied the possibility of IMEI and mobile phone number leaks. Son Jeong-yeop, a senior vice president in KT's Device Business Division, said, "Even if you know the IMEI, an illegal cloned phone is impossible if you do not know the authentication key value," and explained, "The authentication key value is safely stored within our system and is also encrypted and managed."
According to KT, the number of affected customers increased from 278 to 362, and the cumulative damage amount rose from 170 million won to 240 million won. Through additional investigations, KT said it confirmed more small-amount payment damage cases beyond the existing gift card micro-payments, such as transit cards, and identified two more IDs in addition to the two previously identified illegal micro base station IDs.
KT also addressed the status of femtocells, micro base stations that have been left in a management blind spot. Revising its previously announced total number of femtocells (157,000 units on the 11th) to 232,000, KT said 43,000 femtocells had not connected to its system for the past three months. Gu Jae-hyeong, head of the Network Technology Headquarters, said, "Immediately after the (small-amount payment hacking) incident occurred, we suspended interworking for the 43,000 units that had not connected even once in the past three months," adding, "We will restrict new activations and upgrade the management system so that illegal micro base stations can never connect to our network. We are also running real-time monitoring of abnormal payment patterns and blocking them at the source."
KT also announced plans for a full inspection of femtocells. Deputy Minister Gu Jae-hyeong said, "For non-connecting femtocells where the signal cannot be captured, we see them as in a management blind spot and will conduct a full inspection within two weeks," and added, "In these cases, we now have to contact each one individually to verify."
Regarding relief for customers' damages, KT promised to compensate proactively. Kim Yeong-geol, head of KT's Service Product Headquarters, said, "We will take 100% responsibility for the financial damage caused by this incident. We will swiftly prepare additional compensation measures for affected customers," and added, "Regarding penalty fee exemptions, we said at the last briefing that we would consider it positively. We will review it quickly from the customer's perspective so we can provide an update."
According to the Personal Information Protection Commission, KT filed a second personal information leakage report on the 18th, saying it had identified indications of the leakage of the IMSI, IMEI, and mobile phone numbers of 20,030 users so far, including the previously announced 5,561.