KT Corp Faces Regulatory Action After Femtocell Security Breach Exposes Thousands in South Korea On December 30, 2025, South Korean authorities held KT Corp accountable for a major mobile payment breach stemming from critical security flaws in its femtocell infrastructure. Investigators found that KT used identical, long-term authentication certificates across its femtocells—valid for a decade—allowing unauthorized devices to repeatedly access the network without re-verification. The breach exposed identifiers of over 22,000 users, with 368 individuals falling victim to unauthorized transactions totaling 243 million won (≈$180,000 USD). Further scrutiny revealed that 94 KT servers were infected with over 100 types of malware, underscoring systemic security failures in the company’s femtocell management. Regulators concluded that KT neglected its obligation to provide secure telecommunications services, ordering the company to submit detailed prevention plans by June 2026 for compliance review. Authorities also urged mobile operators to rotate authentication server addresses regularly and block illegal network access to mitigate future risks. While some hacking techniques resembled a prior breach at SK Telecom, no direct link between the two incidents has been established. KT acknowledged the findings, pledging compensation for affected users and enhanced security measures rather than contesting the results. In a separate case, LG Uplus is under police referral after investigators discovered that compromised servers were discarded, preventing a full technical analysis. The South Korean government emphasized that robust cybersecurity is now a national priority, particularly as the country seeks to solidify its position as a global leader in AI and digital innovation.