Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Samsung hack exposes personal information of UK customers

Korean technology giant Samsung has announced that it has been impacted by a cyber attack, resulting in the personal data of some of its UK customers being exposed.

user icon Daniel Croft
Fri, 17 Nov 2023
Samsung hack exposes personal information of UK customers
expand image

The breach was discovered on 13 November, with Samsung concluding that it was the result of an unauthorised user accessing the company’s systems through a vulnerability in a third-party application.

In a notification to its customers, the company said that the attack resulted in “some personal information of certain customers” being exposed.

“Based on our investigation, we have identified that the affected data may have included your name, phone number, address and email address,” the company said.

============
============

“We want to assure you that the issue did not impact your password or financial information.”

Samsung added that the affected customers were limited to those who made purchases on the company’s e-commerce site between 1 July 2019 and 30 June 2020.

Samsung has said that it has alerted the UK’s Information Commissioner’s Office and has engaged measures to address the vulnerability and mitigate the impact of the attack.

A spokesperson speaking with BleepingComputer confirmed that customers outside the UK were not affected by the breach.

“We were recently alerted to a cyber security incident, which resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained,” the spokesperson said.

“No financial data, such as bank or credit card details, or customer passwords, were impacted. The incident is limited to the UK and does not affect US customers, employees or retailer data.”

It is currently unknown who was behind the breach nor the intentions of the threat actor or the name of the vulnerable third-party app.

Samsung has suffered data breaches before, having been attacked in March last year, when the Lapsus$ hacking group stole and leaked 190 gigabytes of confidential internal data, including source code for Samsung’s Galaxy smartphones.

Only months later, the company was attacked again in July, resulting in customer names, contacts, birth dates, demographic information and product registration data being stolen.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.