Samsung Reveals Data Breach Affecting Customer Information

A data breach that exposed some of its customers’ personal information to an unauthorized party is being notified to them by Samsung Electronics. As per the firm, only consumers who made purchases from the Samsung UK online shop between July 1, 2019, and June 30, 2020 were affected by the hack. Samsung Electronics (U.K.) Limited acknowledged that it had recently uncovered a cybersecurity problem involving personal customer information in an email that a reporter from Forbes received on the evening of November 15.

Samsung Hacking Disclosure Statement:

The intrusion was identified on November 13, according to the email that arrived in the reporter’s mailbox in the evening of November 15. Samsung has officially put the finger of responsibility on a vulnerability inside the third-party business program in question, despite the fact that the exact application in question is unknown. The message follows: It was determined that an unauthorized individual exploited a vulnerability in a third-party business application we use.” The statement “impacted” refers to the customers who made purchases between July 1, 2019 and June 30, 2020.

Samsung’s recently released One UI 6 timeline is not trustworthy; here’s why?

Samsung continues by stating that the SEUK eCommerce site may have compromised certain consumers’ personal information. Samsung claims that phone numbers, email addresses, names, locations, and IP addresses are among the exposed data. It is also highlighted that the hacker is not exposed to any of the passwords or financial information.

As of right now, there is a dearth of information on the third-party business application for the vulnerability in question. Samsung claims that when the issue was discovered, the application’s use was halted and a forensic investigation was started. Further technical actions have been performed, such as fixing an application vulnerability. Assuring the source, BleepingCounter, that the incident has also been notified to the UK’s Information Commissioner’s Office, the spokesperson stated that the firm has taken all required actions to remedy the security issue.

For Samsung, this is the third data breach in the last 24 months. In the last one, which happened in late July 2023 and was found out on August 4, hackers gained access to and stole the names, contract details, demographic data, dates of birth, and product registration information of Samsung consumers.

Samsung came up with a precaution for users:

The consumers of the UK e-commerce website are the target of the Samsung email, and it is unclear whether other servers were also affected. Moreover, you should have had to visit that website and make a purchase between July 2019 and June 2020. Samsung advises taking the following safeguards if it claims consumers don’t need to act right away:

• Always exercise caution when responding to unsolicited emails that request personal information about you or direct you to a website that does the same.
• Don’t open attachments or click links in any shady email correspondence.
• For advice on identifying dubious messages and safeguarding yourself after such an occurrence, it is advised to visit the U.K. National Cyber Security Centre.

Thanks to “Forbes“