A joint public-private investigation team has confirmed that SIM card information for all SK Telecom subscribers was compromised in a cyberattack detected last month.

According to the second interim report, released Monday, around 27 million subscriber identification numbers were leaked, exceeding SKT’s total user base.

Investigators also discovered 21 additional types of malware beyond the four initially identified, and the number of infected servers has increased from five to 23.

Names, birth dates and other forms of personal information, as well as international mobile equipment identity data were compromised.

The team added that while there are no signs that this information was leaked between December 2024 and last month, the initial malware dates back to June 2022 and because earlier records are unavailable, the possibility of earlier leaks cannot be ruled out.