KT said on the 17th it found 16 more illegal femtocell IDs—ultra-small base stations blamed for recent small-sum payment damage—bringing the total to 20. As a result, the number of affected customers increased by six to 368, and the damage amount rose by 3.19 million won to 243.19 million won.
KT held a briefing titled "Announcement of full-scale investigation results related to small-sum payment damage" at its Gwanghwamun headquarters in Seoul on the 17th and made the announcement. The femtocell identified as the method used in the KT unauthorized small-sum payment case refers to an ultra-small base station that provides communication within a 10-meter radius. It is a device that provides Long-Term Evolution (LTE, 4th generation mobile communication) service inside homes or small buildings with poor radio environments.
The company added that the number of customers with connection histories to the disputed femtocell IDs increased by 2,197 to a total of 22,227. KT explained that among the 16 newly confirmed illegal femtocell IDs, suspected cases of unauthorized small-sum payments occurred from only one ID.
Earlier, at the first briefing on Sept. 11, KT said two illegal ultra-small base stations had been found and there were 278 victims. At the second briefing on the 18th of the same month, it said two more illegal ultra-small base stations had been found, totaling four, and there were 362 victims. In this announcement, the number of illegal base stations, victims, damage amount, and users who connected all increased.
Regarding small-sum payment damage, KT's full-scale investigation covered about 150 million carrier billing transaction records from Aug. 1, 2024 to Sept. 10, 2025. The scope included 84 million small-sum payments and 63 million Direct Carrier Billing (DCB) payments without payment gateways (PG), as well as payments made through ARS, Short Message Service (SMS), and PASS verification. The analysis proceeded by fully reviewing 4.03 trillion connection records between all mobile phones and base stations to detect illegal femtocells, then cross-checking illegal femtocell ID connection histories with the overall payment data.
It was analyzed that no abnormal payments occurred in PASS verification and in Direct Carrier Billing (DCB) that did not involve payment gateways. The first occurrence of unauthorized small-sum payments was Aug. 5, 2025, consistent with previously confirmed findings, and no new damage occurred after Sept. 5, when KT blocked abnormal small-sum payment attempts.
KT filed a supplemental report on the findings with relevant authorities, including the Personal Information Protection Commission. The company said, "We are also implementing protection measures for customers with newly confirmed damage," and added, "We again apologize for the time required for the large-scale full review, and we will continue to cooperate faithfully with the government investigation and the police probe." It continued, "We will fully carry out our responsibility to the end by preparing technical and institutional measures to prevent recurrence and by implementing practical customer protection measures."
Meanwhile, KT's announcement was the official third briefing held after lawmaker Hwang Jeong-a of the Science. ICT. Broadcasting. and Communications Committee said the previous day that KT's illegal base station IDs had increased to 20 and the number of people who connected to the illegal base stations had risen to about 22,000.