KT's Chief Executive Officer Kim Young-shub acknowledged that the telecommunications company had poorly handled its femtocells - compact cellular base stations - which served as the primary vulnerability used in multiple instances of fraudulent mobile payment schemes against the carrier's customers.
The CEO pledged that the telecommunications firm would make comprehensive efforts to deal with the consequences of the security breach. When addressing criticism regarding the company's inconsistent statements to regulatory bodies, Kim Young-shub stated that KT had no desire to minimize the seriousness of the situation.
“There were several loopholes in (our) management practices of femtocells, and the process of re-collecting (inactive) devices was also inadequate,” Kim said during a National Assembly hearing in Seoul.
Also Read: 5 Interesting APAC CTO Appointments in August 2025
The mobile payment security incident was discovered early this month when law enforcement started looking into fraudulent transactions that impacted KT customers in certain areas of Seoul and Gyeonggi Province.
The breach caused public concern when preliminary investigations showed that criminals had employed femtocells to capture authentication calls transmitted to customers during transaction procedures. This represented Korea's first documented incident of this nature.
On September 11, KT originally reported that 278 individuals experienced losses amounting to 170 million won ($122,000), with roughly 5,500 people potentially having their personal data exposed.
However, one week afterward, the telecommunications company revised these figures, stating that 362 people were affected with total losses reaching 240 million won.
According to KT, there are 43,000 femtocells that have remained disconnected from the network over the last three months, suggesting these units may be defective or impossible to locate, making them vulnerable to fraudulent exploitation.
At the hearing, Representative Lee Hai-min from the minor opposition Rebuilding Korea Party pointed out that KT did not have adequate preventive mechanisms to deactivate unused femtocells when their positions were unexpectedly altered. In contrast to SK Telecom and LG Uplus, which automatically shut down femtocells that are moved past a specified range, KT depends entirely on customers reaching out to recover non-functioning femtocells.
Also Read: How Reif Othman Makes Dining an Art
Kim observed that KT had been contracting out the oversight of its femtocells to external companies, though he mentioned that the corporation had implemented steps to stop inactive equipment from accessing the network.
Throughout the proceedings, legislators expressed worries that the organization tried to eliminate evidence. A representative from KT stated that the corporation initially recognized the potential for server intrusion in early July but did not inform KISA of any security violation since no evidence was discovered. The representative further explained that the organization discarded the servers due to feeling "uncomfortable keeping servers that had displayed questionable activity."
Also Read: This 28-Year Old Leader Was Hired by Mark Zuckerberg to Lead Meta's AI Efforts
Kim additionally mentioned that the corporation "ought not to have destroyed the servers" and "will evaluate waiving early cancellation charges for carrier changes for the 20,000 clients whose private data might have been exposed."