Samsung has opened up about a data breach it detected on or around August 4, affecting the personal information of some of its customers.
“In late July 2022, an unauthorised third party acquired information from some of Samsung’s US systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected,” Samsung said in a statement.
The company said that the issue did not impact social security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. Affected customers could be impacted at varied levels, the company said. However, Samsung did not reveal how many customers were affected by the incident.
Samsung said it has taken action to secure the affected systems and has engaged a leading outside cybersecurity firm and is coordinating with law enforcement.
Samsung is directly communicating with some of the affected customers and may contact more as its investigation progresses, it said.
“Consumer devices were not affected in connection with this incident, and you can continue to use our products and services, as usual,” the company stated.
Second security incident this year
In March, Samsung suffered another security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. The company then said that the breach involved some source code relating to the operation of Galaxy devices but did not include the personal information of consumers or employees.
The incident had come to light after LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel, allegedly exposing the source code for trusted applets installed within the TrustZone privileged environment, algorithms for biometric authentication, bootloaders for recent devices, source code for Samsung’s activation servers, full source code for technology used for authorising and authenticating Samsung accounts, including APIs and services, and even confidential data from its chip supplier Qualcomm.
Instance of data breaches rising in 2022
About 550 organisations globally had experienced data breaches between March 2021 and March 2022, according to a report by Ponemon Institute and IBM.
The global average cost of data breaches reached an all-time high of $4.35 million in 2022 compared with $4.24 million in 2021. According to the report, about 83 per cent of the organisations have experienced more than one breach in their lifetime.
Even large security firms haven’t been spared from data breaches. For instance, last month, Cisco admitted it faced a security incident targeting its corporate IT infrastructure in late May.
An employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronised, Cisco said in a statement. The attack was linked to the LAPSUS$ group.
Similarly, cybersecurity company Group-IB published a report on August 25, revealing a month-long phishing campaign that had compromised at least 130 companies, including Cloudflare, Doordash, Mailchimp, and Twilio.
The attackers executed their attack by imitating the authentication service Okta through text message, that would direct their targets to a fake authentication page, when the victims would enter their login credentials, it gave the attackers access to their account.