KT excluded bill discount benefits from its compensation plan for an unauthorised micropayments incident. The company said it considered practicality, but there is also criticism that it removed the monetary compensation customers would find most beneficial.

KT held a press briefing at its Gwanghwamun headquarters on Tuesday and announced a "customer rewards programme" to restore trust and a plan for "KT information security innovation".

Previously, KT said subscriber identification numbers (IMSI), device identification numbers (IMEI) and phone numbers of 22,227 customers were leaked in an unauthorised micropayments incident that abused illegal micro base stations (femtocells). In terms of financial damage, 368 people in 777 cases suffered losses of 243 million won. A joint government-private investigation team determined KT was at fault and demanded it waive penalties for all users.

Excluding "bill discounts" from the compensation plan

KT will waive early termination fees for customers who want to cancel their KT mobile service contracts from Wednesday through Jan. 13 next year. It will also apply retroactively to customers who already cancelled between Sept. 1 and Dec. 30. Customers who signed up, changed devices or renewed contracts after Sept. 1, budget mobile users, IoT and those whose contracts were terminated by the company are excluded from the waiver. The waiver will be handled through refunds upon application.

KT will also provide benefits to customers who remain. Starting in February next year, it will offer 100 GB of data each month for six months, a 50 percent discount on roaming, OTT passes and affiliate membership discounts. It will also provide safety and reassurance insurance for two years. KT estimated the compensation programme, excluding the penalty waivers, at 450 billion won, including additional data and OTT passes.

But the compensation plan KT presented on Tuesday excluded the bill discounts customers had expected. SK Telecom, which previously faced a USIM hacking incident, offered a 50 percent discount on monthly service fees for one month. Hee-geun Kwon, head of KT's marketing innovation unit in its customer division, said, "We judged that structuring a long-term programme is better than a one-off bill discount," and added, "We focused on benefits with high practicality."

KT also said the form of customer compensation differs because the scope of information leakage differs from the SKT incident. The scale of personal information leaked in the SKT USIM hack was about 26.96 million cases. In contrast, the number of KT customers whose personal information was leaked in the unauthorised micropayments incident was 22,227, a difference in scale.

Kwon said, "In practical terms, about 22,000 people had personal information leaked," and added, "In October, for these people, we implemented not only bill discounts but also wireless data and penalty waivers."

But from the customer's perspective, the biggest practical benefit is a bill discount. The industry believes KT excluded bill discounts out of concern about worsening performance. Some analyses say it avoided financial damage by excluding cash-like benefits that affect revenue.

About 30 percent of KT customers currently use unlimited plans. Given KT's mobile subscriber base of about 13.5 million, more than 4 million people effectively do not benefit from an additional 100 GB of data. One telecommunications industry official said, "It looks like an empty compensation plan that minimises losses," and added, "It reads like an attitude aimed at minimising responsibility."

Details of the membership discount benefits have also not been released. KT said it will announce affiliates and discount details before implementation. For a KT customer to receive the penalty waiver, they must cancel before Jan. 13 next year. The waiver deadline could end before customers can even check the membership benefits.

KT said it plans to disclose the benefits before Jan. 13, but added the qualifier "if possible". Kwon said, "If possible, we will inform customers (of the specific membership benefits) before the waiver period so they can make a choice."

"Information security innovation TF" launched, 1 trillion won investment over five years signalled

KT said it will use the incident as an opportunity to improve its overall information security governance. In the medium to long term, it will gradually strengthen key security capabilities over the next five years based on information security investment of 1 trillion won, including expanding and reinforcing a zero trust system, advancing integrated security monitoring, strengthening access control management and expanding encryption.

KT also launched a company-wide "information security innovation TF". The Ministry of Science and ICT on Monday instructed KT to change a structure in which security work was divided and carried out by organisations such as the information technology division, network division and information security office, to a governance centred on the chief information security officer.

Min-woo Park, head of KT's information security innovation TF, said about 60 employees across the company are participating in TF activities. He added that the TF was formed because, under the existing organisational system, areas such as IT, networks and information protection are dispersed, making it difficult to produce an innovative master plan.

KT Chief Executive Kim Young-seop said, "I once again deeply apologise for causing concern to our customers over this issue," and added, "As a national key telecommunications operator, we will continue working to provide a safer and more trusted telecommunications service."