Imagine checking your inbox and finding an email from Samsung, notifying you of a data breach that exposed your personal information. This nightmare scenario recently became a reality for some Samsung UK online store customers.
It turns out this cyberattack impacted only those who made purchases between July 1, 2019, and June 30, 2020. But what went wrong? How did this happen?
Hacker exploits bug in third-party app
Just two days ago, Samsung discovered the data breach and determined that a hacker exploited a vulnerability in a third-party application used by the company. Unfortunately, no details have been released about the security issue or the vulnerable application that allowed the attacker to access Samsung customers’ personal information.
Exposed data may include names, phone numbers, postal, and email addresses. Thankfully, the company reassures customers that their credentials or financial information remain unaffected by the incident.
A Samsung spokesperson confirmed that the cybersecurity incident is limited to the UK region and does not affect data belonging to customers in the U.S., employees, or retailers. The company has taken all necessary steps to address the security issue and reported the incident to the UK’s Information Commissioner’s Office.
“We were recently alerted to a cybersecurity incident, which resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained. No financial data, such as bank or credit card details, or customer passwords, were impacted. The incident is limited to the UK and does not affect U.S. customers, employees or retailer data” – Samsung
However, this isn’t the first time Samsung has experienced a data breach. In fact, it’s the third in just two years. The previous one occurred in late July 2022, when hackers accessed and stole Samsung customers’ names, contact and demographic information, dates of birth, and product registration data.
And in March 2022, data extortion group Lapsus$ breached Samsung’s network and stole confidential information, including the source code for Galaxy smartphones. Samsung confirmed that “certain internal data” had fallen into the hands of an unauthorized party after Lapsus$ leaked about 190GB of archived files along with a description of the contents.
Don’t let your business be the next target
As a business owner, data breaches can happen to anyone, even large corporations like Samsung. Protecting your customers’ information is crucial, and it starts by taking cybersecurity seriously.
At ZZ Servers, we understand the importance of securing your business data and keeping your customers safe. That’s why our IT Services provide comprehensive solutions to help prevent attacks like these from happening to your business.
Don’t wait until it’s too late. Contact us today to learn how ZZ Servers can help safeguard your business and customers from cybersecurity threats.
