Face Verification
Address Verification
Document Verification
Age Verification
Video KYC
Fast ID
eIDV
NFC Verification
Consent Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
Behavioural Biometrics
Device Fingerprinting
MFA
AML Screening
Business AML Screening
User Risk Assessment
Transaction Screening
Adverse Media Screening
Identity Verification
KYC
KYB
KYI
Bonus Abuse
Fraud Prevention
Banking
Crypto
Fintech
Forex
Gaming
Gig Economy
Marketplace
Social Networks
Product Managers
Compliance Officers
Fraud Analyst
Global Trust Platform
Journey Builder
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
Blind Spot Audit
Deepfake Detection
Liveness Spoofs
Document Originality
Document Deepfake
Events & Webinar
Podcast Studio
Spotlight Studio
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Compliance
Supported Document
About
Career
Press Release
Certifications
Partnership
Awards
Electronics Giant Samsung Confirms a Data Breach Affecting Personal Information of Customers
Samsung announced a data breach involving customers’ personal information, assuring that social security data of customers has’t been impacted. The company hired a law enforcement agency to secure its system.
Samsung informed its users regarding a cybersecurity incident leading to the compromise of customers’ data. According to Samsung, the company suffered through a data breach in July and was discovered on August 4, 2022. Samsung confirmed the breaching and exfiltration of customers’ data, including names, demographic information, contacts, and product registration information.
Samsung clarified that data stolen for each customer might vary. Furthermore, credit & debit cards and social security numbers remained unaffected.
“This has been a tough year for Samsung, and it’s clear that damage caused by the Lapsus$ ransomware gang was far worse than initially thought,” Tiberium.io CEO Drew Perry told Spiceworks, “this highlights that when it comes to ransomware, prevention is always better, and more cost-effective, than cure.”
Stolen data suggests that phishing attacks can target impacted customers. Samsung didn’t recommend instant action for them but advised to stay vigilant regarding unsolicited communications, asking for their personal information by referring them to a webpage or requiring them to click on links and attachments.
Samsung spokesperson Chris Langlois told TechCrunch through email via crisis communication Edelman that demographic data of customers was used for the sake of advertisement but didn’t specify the nature of the date. Moreover, Langlois didn’t comment on why Samsung didn’t notify customers immediately regarding the data breach.
One month after they learned about the incident, the electronics’ American division informed the consumers. The South Korean army has already informed law enforcement and is sorting out this issue with a cybersecurity company’s help.
In March, Samsung was also targeted by the Lapsus$ cyber extortion group, resulting in 190 gigabytes of proprietary information breach, including Trusted Applet (TA) used in hardware cryptography, devices’ source codes, binary encryption, algorithms for all biometric unlocking operations, and more.
Suggested Read: US Blocks Tornado Cash Investors for Money Laundering Risks & Links to Korean Hackers
