In 2004, C. Park proposed an authentication protocol to provide user anonymity and untraceability in wireless mobile communication systems. The real user identities are hidden and randomized by means of error-correcting codes. In this work, it is shown that Park's protocol does not provide anonymity and untraceability. More precisely, the users real identities can be obtained easily by an eaves-dropper. Furthermore, the protocol is not secure since the session key established in the authentication phase can also be obtained, breaking the confidentiality of the radio link.