Samsung Electronics Notifies Customers of Data Breach

IT Services is informing some of its customers about a recent data breach that exposed their personal information to an unauthorized individual.

The cyberattack specifically affected customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020.

Hacker Exploits Bug in Third-Party App

Recently, on November 13, Samsung discovered the data breach and determined that it was caused by a hacker exploiting a vulnerability in a third-party application used by the company.

No specific details have been provided regarding the security issue that allowed the attack or the vulnerable application that was compromised.

The notification sent to customers mentions that the exposed data may include names, phone numbers, postal and email addresses. However, it is important to note that credentials or financial information have not been affected by this incident.

A spokesperson from IT Services informed us that this cybersecurity incident is limited to the UK region and does not impact data belonging to customers in the U.S., employees, or retailers.

The company has taken all necessary measures to address the security issue, as confirmed by the representative. Additionally, the incident has been reported to the UK’s Information Commissioner’s Office.

This marks the third data breach that Samsung has experienced in the past two years. The previous breach occurred in late July 2023 and was discovered on August 4. During that incident, hackers gained unauthorized access to Samsung customers’ names, contacts, demographic information, dates of birth, and product registration data.

In March 2023, the data extortion group Lapsus$ successfully breached Samsung’s network and stole confidential information, including the source code for Galaxy smartphones.

Samsung has acknowledged that an unauthorized party obtained “certain internal data” after Lapsus$ leaked approximately 190GB of archived files along with a description of their contents.