Hackers Stole Customer Data from Samsung

The electronics giant has confirmed a data breach that took place in July, affecting customers' personal information...

Samsung

And we would think a major company like Samsung would have its defenses beefed up to the max. That, apparently, is not the case with the electronics giant confirming a data breach that affected customers’ personal information.

In a brief notice, Samsung said it discovered the security incident in late July and that an “unauthorized third party acquired information from some of Samsung’s U.S. systems.” It then determined customer data was compromised on August 4th.

The good news is that Social Security numbers and credit card numbers were not affected, but personal details such as name, contact and demographic information, date of birth, and product registration information were taken.

“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” the company said in the statement.

Samsung spokesperson Chris Langlois told TechCrunch via crisis communications firm Edelman that demographic data relates to information used for marketing and advertising and includes details such as product purchase date, model, and device ID.

The number of affected users was not shared and it is also unclear why it took Samsung more than a month to notify customers about the breach — which was announced just hours ahead of a U.S. holiday weekend marking Labor Day.

“Even though the investigation is ongoing, we wanted to notify our customers to make them aware of this matter because we understand how important their privacy is,” Langlois said.

Samsung noted that it has taken additional steps to secure its systems and has brought in an unnamed third-party cybersecurity firm. The company is also coordinating with law enforcement to resolve this case and (eventually) bring the perpetrators to justice.

In March, Samsung revealed that it was one of the victims of the Lapsus$ hacking group, which also managed to infiltrate Nvidia, Microsoft and T-Mobile. During that incident, hackers obtained almost 200 gigabytes of confidential data — including source code for various technologies and algorithms for biometric unlock operations.

There is little you could do to protect yourself in situations like these. Simply put, it’s not your fault. What you could do is change your passwords after every incident and choose those that are impossible to guess. Also, make sure to turn on two-factor authentication whenever possible so that even if someone manages to get ahold of your password – they won’t be able to do much with it. And, use a VPN to keep your communication secure at all times.