Malware
Breaking: Samsung Faces Fresh Data Breach, Puts UK Store Customers at Risk
Breaking news: Samsung is hit with another data breach, jeopardizing the security of its UK store customers. Stay informed and protect your sensitive information now.
Samsung Electronics Notifies Customers of Data Breach
IT Services is informing some of its customers about a recent data breach that exposed their personal information to an unauthorized individual.
The cyberattack specifically affected customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020.
Hacker Exploits Bug in Third-Party App
Recently, on November 13, Samsung discovered the data breach and determined that it was caused by a hacker exploiting a vulnerability in a third-party application used by the company.
No specific details have been provided regarding the security issue that allowed the attack or the vulnerable application that was compromised.
The notification sent to customers mentions that the exposed data may include names, phone numbers, postal and email addresses. However, it is important to note that credentials or financial information have not been affected by this incident.
A spokesperson from IT Services informed us that this cybersecurity incident is limited to the UK region and does not impact data belonging to customers in the U.S., employees, or retailers.
“We were recently alerted to a cybersecurity incident, which resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained. No financial data, such as bank or credit card details, or customer passwords, were impacted. The incident is limited to the UK and does not affect U.S. customers, employees or retailer data” – Samsung
The company has taken all necessary measures to address the security issue, as confirmed by the representative. Additionally, the incident has been reported to the UK’s Information Commissioner’s Office.
This marks the third data breach that Samsung has experienced in the past two years. The previous breach occurred in late July 2023 and was discovered on August 4. During that incident, hackers gained unauthorized access to Samsung customers’ names, contacts, demographic information, dates of birth, and product registration data.
In March 2023, the data extortion group Lapsus$ successfully breached Samsung’s network and stole confidential information, including the source code for Galaxy smartphones.
Samsung has acknowledged that an unauthorized party obtained “certain internal data” after Lapsus$ leaked approximately 190GB of archived files along with a description of their contents.