SK Communications Co. said on Thursday that personal information of its 35 million online users has been hacked, marking South Korea’s worst online security breach and sparking fears that the leak could lead to massive online and voice scams in coming weeks. 

“The company has confirmed that a leak of customers’ information has taken place due to hacking on July 26,” SK said in a statement. “The specific scale of the hacking is still being investigated, but it is estimated that some of the personal information of 35 million Nate and Cyworld members have been leaked.”

Nate is the country’s third-most visited Web search engine and Cyworld is the biggest social networking site with 25 million users, which accounts for half of the South Korean population.

SK Communications, which runs Nate and Cyworld, is a unit of the SK Group whose affiliates include top mobile operator SK Telecom.

Police said they would launch an investigation into the hacking incident at SK. The Cyber Terror Response Center, a police division dealing with crimes in cyberspace, is expected to identify who committed the hacking.

SK Communications said the hacking originated from a malicious code in China, an allegation that has yet to be verified by police investigation.

The hacking of the country’s major website comes after a host of Korean online firms suffered from similar cyber attacks amid heightened worries over lack of security protection. A vicious cyber attack paralyzed the computer system of the National Agricultural Cooperative Federation, or Nonghyup, in April and 18 million users of Internet Auction Co., a unit of U.S.-based eBay Inc. had to change their password due to a security breach in 2008.

The latest hacking involves SK users’ names, phone numbers, email, resident registration numbers and passwords. SK Communications said the members’ password and resident registration numbers are protected through high-level encryption, but plan to set up a hotline for handling the hacking incident to stem secondary damage in the form of voice phishing and spam mail.

As with previous hacking incidents, Cyworld and Nate members are likely to receive more spam messages or fake calls from phishing firms.

SK Communications CEO Joo Hyung-chul issued a formal apology on Thursday: “Concerning this incident, we offer our apology to our customers and have taken all the necessary measures to minimize the impact and identify the cause and retrieve customer information in cooperation with the authorities.”

Particularly worrisome is the security breach for Cyworld, the country’s most popular social network service, a pioneer that had sparked the boom of photo-sharing among friends and family members. Although Cyworld has seen its popularity decline in the past couple of years, particularly with the introduction of foreign social services such as Twitter and Facebook, the local service still handles a huge amount of data including personal photos, videos and articles generated by its 25 million users.

Nate is a latecomer in the portal service market, but it has risen to rank third here, intensifying its competition with its bigger rivals Naver and Daum. The hacking of Cyworld and Nate, considering the size of the subscriber base at both services and their close integration with mobile phone services of SK Telecom, is expected to have a strong impact on the companies involved.

Shares of SK Communications, listed on the tech-heavy KOSDAQ stock market, plunged 5.95 percent to 17,400 won. Its sister firm SK Telecom saw its share price drop 2.64 percent to close at 147,500 won.

By Yang Sung-jin (insight@heraldcorp.com)