LG Uplus, recognized as one of South Korea’s most prominent and large-scale telecommunications service providers, has formally confirmed to TechCrunch that it has lodged a report concerning a suspected data breach with the Korea Internet & Security Agency (KISA), the national body responsible for coordinating cybersecurity oversight and incident response. The company’s statement clarified that while the report marks a significant step toward addressing a potential compromise of its systems, no further details were provided regarding the precise timeline for when the internal or governmental investigations might conclude or when the final results would be publicly disclosed. This cautious stance reflects the sensitive nature of cybersecurity inquiries, which often require detailed forensic analysis before reaching any definitive conclusion.

This latest admission places LG Uplus alongside its two principal industry competitors—SK Telecom and KT Telecom—both of which have also disclosed cybersecurity events within the past half-year. Collectively, all three major South Korean telecom operators now find themselves under scrutiny as they await formal confirmation and assessment of these incidents from the Korean government. The clustering of these cases within such a short timeframe underscores the growing magnitude and frequency of digital intrusions targeting essential communication infrastructure, a concern that has steadily intensified across the country’s telecommunications landscape.

According to South Korea’s Ministry of Science and ICT, which serves as the government authority responsible for national technology and communications policy, an official investigation into the suspected breaches at KT and LG Uplus—initiated only a month prior—remains underway. This inquiry gains particular importance in light of emerging reports suggesting that both companies may have encountered network intrusions bearing considerable resemblance to the recent attack experienced by SK Telecom. The shared characteristics among these incidents hint at potentially systematic vulnerabilities or common points of exploitation that malicious actors may be leveraging across multiple service providers.

Historical context sheds further light on this development. As early as July, the Korea Internet & Security Agency purportedly identified early indicators of a possible hacking attempt associated with LG Uplus and subsequently requested that the telecom operator submit an official report to facilitate investigation. Despite these preliminary findings and external concerns, LG Uplus’s telecommunications division initially refuted suggestions of any breach in August. This denial came even as KT publicly confirmed that some of its user data had been compromised following the unauthorized installation of micro base stations—small but powerful relay devices that can covertly connect to mobile networks and perform data interception. When later approached for additional clarification on the matter, KISA opted not to provide any comment, illustrating the confidentiality that often accompanies active cybersecurity investigations.

Further intensifying public attention, the recent disclosure arrives roughly two months after the long-standing hacking publication *Phrack* alleged that cyber actors affiliated with China or North Korea had illicitly extracted information from approximately 9,000 LG Uplus servers. Although these claims have not been independently verified, their circulation has amplified scrutiny on the company’s network defenses and on South Korea’s broader capacity to protect vital digital systems from foreign intrusion attempts.

The announcement by LG Uplus thus emerges amid a surge of high-profile security breaches impacting key sectors throughout South Korea. Over the past year, not only telecommunications firms but also credit card issuers, technology startups, and several government organizations have reported significant compromises of their data systems—episodes that collectively expose latent vulnerabilities previously documented by TechCrunch and other observers. These incidents illuminate a recurring issue within the nation’s cybersecurity landscape: the existence of a fragmented and often disjointed defense framework. Combined with a continuing shortage of trained cybersecurity specialists, these structural weaknesses have impaired the government’s and private sector’s ability to effectively deter, detect, and mitigate sophisticated cyber threats. Consequently, the current situation serves as both a warning and an urgent call for an integrated national approach to digital protection, one capable of reinforcing the resilience of South Korea’s critical information infrastructure against an increasingly aggressive and coordinated landscape of cyberattacks.

Sourse: https://techcrunch.com/2025/10/28/lg-uplus-is-latest-south-korean-telco-to-confirm-cybersecurity-incident/