Posted on September 3, 2022 at 9:13 PM
Samsung has announced that it was a recent victim of a cybersecurity breach. According to the electronics giant, the hackers stole information from its servers containing customer names, their date of birth, demographic information, and product registration information.
However, the hackers were not able to access account information, credits card, or Social Security numbers. Samsung also noted that consumer devices were not affected by the incident, and customers should continue using Samsung products and services without any fear or concerns. It’s not clear how many customers were affected by the breach. Samsung did not immediately respond to questions regarding the number of customers that were hit by the attack.
In a notification posted online by the company, it stated that it has taken actions to secure the affected systems. It also noted that a major external cybersecurity company has been engaged while it’s coordinating with law enforcement on the incident. Samsung revealed it has contacted the affected customers on the issue, and if any customer has been impacted by the attack, measures will be taken to mitigate it.
Samsung Exposed For The Second Time This Year
This is not the first time Samsung has been exposed to attacks this year. In March, South American hacking syndicate Lapsus$ gained access to the source code of Galaxy devices. However, the company stated that the attack didn’t affect any customer information.
The hacking group claimed that it stole 190GB of confidential data, including source code, from the attack. At the time, the hacking syndicate also released snapshots of the alleged stolen data to prove their claims.
While commenting about the attack, Samsung said the data theft involved some source codes linked to the operation of Galaxy devices. But it didn’t include the personal information of the employees or consumers. The company also stated that there was no impact on its businesses at the time.
At the time, Samsung said it has implemented measures to prevent such attacks in the future. But the latest incident shows that no matter the level of security implemented against attacks, it may not be enough. Threat actors are constantly evolving with new strategies and tactics to launch their attacks on companies. They are using more sophisticated attack tools that can easily circumvent security apparatus and harvest data for a long period.
The Latest Hacking Incident Affected Only Its US Systems
Samsung also did not state whether it has received a demand for ransom payment or whether it is in negotiation to meet any demand.
The same Lapsus$ hacking group also claimed that it recently stole 1TB of data from GPU giant Nvidia. The group also posted snapshots of what appears to be details of the stolen files from the company. Nvidia has also confirmed that some property and employee credentials were stolen, but it said no disruption in its normal operation was witnessed.
In the latest hacking incident, Samsung said the breach affected its US systems and took place in July.
Although it’s unclear when Samsung discovered the breach, the electronic giant said it discovered that some personal data f some customers were compromised. Samsung did not say how many of its customers in the US have been affected by the breach. While the incident earlier this year was linked to the Lapsus$ hacking group, there is no evidence that the same group is responsible for the latest incident.
Samsung Has Contacted All Customers Affected By The Breach
All customers who have been affected by the breach have already been contacted by the company to help protect them from future phishing attacks. As the company noted, no information relating to the customer’s accounts was compromised. This means the hackers that stole the information could use it in the future. While Samsung says the investigation of the incident is ongoing, it also notes that there may need for further communications.
Customers have also been warned to stay alert to unsolicited messages, emails, or phone calls that may engage with them using the stolen data as leverage.
Also, he affected Samsung customers can get a free credit report and more information on the best ways to protect themselves against future phishing attacks.