Samsung Admits Data Breach That Exposed Details Of Some US Customers
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach.
In late July 2022, an unauthorized third-party acquired information from some of Samsung’s U.S. systems, the company disclosed in a notice.
The firm claimed that it knew about the data breach on August 4, 2022 through an ongoing investigation that hackers carted away personal information of certain customers.
Customer Data Infiltration Vary From Person To Person
Samsung said the infiltration enabled hackers to access certain data such as names, contact and demographic information, dates of birth, and product registration details. It stressed that the incident did not affect users’ Social Security numbers or credit and debit card numbers.
However, it noted the information leaked to each relevant customer may vary.
The collected information is necessary to help the company deliver the best experience with its products and services, it added. They failed to reveal the entity behind the hack, and it is unclear why it took almost a month for the company to divulge the breach.
Samsung Took Precautionary Steps Taken Immediately
Aside from notifying users about the security event, Samsung stated it has taken steps to secure the impacted systems and engaged an outside cybersecurity firm to lead the response efforts.
Furthermore, it’s urging users to be on guard against potential social engineering attempts. Essentially, avoid clicking on links or opening attachments from unknown senders, and review their accounts for potentially suspicious activity.
The announcement comes less than six months after Samsung confirmed a similar incident. Furthermore, it revealed that internal data, including the source code related to its Galaxy smartphones, was leaked in the aftermath of an attack staged by the LAPSUS$ extortion gang.
Following the most recent data breach, Samsung issued an update to its frequently asked questions (FAQ) page.
Notably, it stated that an unauthorized third party obtained information from Samsung’s systems.