Samsung Confirms Another Data Breach: Was Customer Data Stolen?
After a data breach in July, Samsung notified customers that their information had been acquired by unauthorized third-party attackers.
Samsung once again experienced another cybersecurity incident
As reported by The edge, after a data breach incident occurred in July, Samsung notified customers that an unauthorized third party had obtained some of its US customer’s information, including contact details and product registration information. . The South Korean electronics company disclosed this data theft issue on Tuesday, August 2.
According Engadget, Samsung said that although the consumer devices were not compromised, the attackers had access to customer data. With this, it has taken steps to protect its networks and is collaborating with legal authorities.
Information acquired by the attackers could be used in social engineering attacks against other services, despite the company’s claim that no bank card or social security number was obtained. Therefore, those who have pushed back on two-factor authentication for critical accounts should do so now.
Samsung warned customers to be careful with unsolicited emails and to monitor their accounts for abnormal activity in an FAQ, saying users don’t need to take immediate action based on its findings.
Since consumer devices were not affected, Samsung believes that its customers do not need to change their login or take other security measures to keep their Samsung products or accounts safe. Either way, the company advises its customers to avoid phishing emails and unexpected account activity.
In a post Customer reviews, Samsung said, “We are committed to protecting the security and privacy of our customers.” They added, “We will further improve the security of our systems and work to maintain the trust you have placed in the Samsung brand.”
Read also: PlayStation will keep Call of Duty once Xbox, Activision will merge
A cybersecurity attack in March ripped out Samsung’s source codes
In March, Engadget also reported a similar cybersecurity incident involving Samsung compromising confidential data. The company confirmed this after Lapus$, a South American hacking organization, uploaded a collection of data it claimed came from the tech giant.
According to an article by EngadgetDays after reporting the incident, Samsung confirmed in a statement to Bloomberg that attackers seized source code to operate Galaxy devices, but customer and staff credentials were unaffected.
The bootloader source code for recent Samsung devices, as well as the code for biometric authentication and on-device encryption for Galaxy phones and tablets, were all contained in a 190 GB torrent bundle made available by the hacking team. It is possible that they also obtained data from Qualcomm.
Later, Samsung released a statement regarding the event, saying, “We currently do not anticipate any impact to our business or customers. We have measures in place to prevent further such incidents and will continue to serve our customers without interruption.”
The same well-known gang provoked a similar security attack at NVIDIA in February. He acquired gigabytes of sensitive GPU data, including schematics and driver source code. Its attack was aimed at forcing NVIDIA to open up its drivers and remove mining restrictions from its RTX 30-series GPUs.
When NVIDIA refused to pay the ransom demanded by Lapsus$ to keep its data from being made public, hackers released source code for the company’s DLSS technology and details of six secret graphics cards.
Related article: Lapsus$ Group leaks alleged confidential Samsung data