Electronics Giant Samsung Confirms a Data Breach Affecting Personal Information of Customers

Richard Marley
September 06, 2022
2 minutes read
86

Samsung announced a data breach involving customers’ personal information, assuring that social security data of customers has’t been impacted. The company hired a law enforcement agency to secure its system.

Samsung informed its users regarding a cybersecurity incident leading to the compromise of customers’ data. According to Samsung, the company suffered through a data breach in July and was discovered on August 4, 2022. Samsung confirmed the breaching and exfiltration of customers’ data, including names, demographic information, contacts, and product registration information.

Samsung clarified that data stolen for each customer might vary. Furthermore, credit & debit cards and social security numbers remained unaffected.

“This has been a tough year for Samsung, and it’s clear that damage caused by the Lapsus$ ransomware gang was far worse than initially thought,” Tiberium.io CEO Drew Perry told Spiceworks, “this highlights that when it comes to ransomware, prevention is always better, and more cost-effective, than cure.”

Stolen data suggests that phishing attacks can target impacted customers. Samsung didn’t recommend instant action for them but advised to stay vigilant regarding unsolicited communications, asking for their personal information by referring them to a webpage or requiring them to click on links and attachments.

Samsung spokesperson Chris Langlois told TechCrunch through email via crisis communication Edelman that demographic data of customers was used for the sake of advertisement but didn’t specify the nature of the date. Moreover, Langlois didn’t comment on why Samsung didn’t notify customers immediately regarding the data breach.

One month after they learned about the incident, the electronics’ American division informed the consumers. The South Korean army has already informed law enforcement and is sorting out this issue with a cybersecurity company’s help.

In March, Samsung was also targeted by the Lapsus$ cyber extortion group, resulting in 190 gigabytes of proprietary information breach, including Trusted Applet (TA) used in hardware cryptography, devices’ source codes, binary encryption, algorithms for all biometric unlocking operations, and more.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Fraudsters Target UK's £400 Energy Bill Support Scheme through Scam Texts
Fraudsters are taking advantage of the support program initiated for people to lessen the burden of soaring electricity and gas prices. Using links of a fake website, scammers urge people to hand over their personal information and bank details.

The UK government warns citizens about a fake text message fraud that’s spreading to loot innocent people. The fraudsters claim to be a part of the government. This text scam invites people to apply for the £400 energy bill support scheme and get some relief in their bills.

Scammers took advantage of new support that has been put in place as a part of the package of measures set to lessen the burden of increasing electricity and gas prices.

Kicked in on 1 October, the energy price guarantee limit the rise in gas and electricity units’s cost lower as compared to their market value for protecting consumers. It’s automatically delivered through suppliers.

Whereas in the elctrucity bill for the month of October, households will receive instalment of the £400 Energy Bill Support Scheme. For most of the users, the support of £400 will be applied monthly in six instalments from October 2022 to March 2023 with those who pay through debit seeing it deducted from their energy payments.

Fraudsters are taking advantage of the scheme with messages that urge people to “apply.” They are give fake links and representing themselves as government officials. There, people are urged to give their personal data including bank information.

Offciials gave a warning and said that they have received 139 reports about scam text messages. They said, “You do not need to apply for the scheme, or provide any bank details.”

The government warned people to stay alert to such fraudulent messages. According to officials, “There is no need to apply for the schemes, with most customers receiving today’s support automatically through their electricity bill.”

Jacob Rees-Mogg, Business and Energy Secretary said, “I urge people today to stay alert to scams. This support will reach people automatically and there is no need to apply.”

He said that it was an extraordinary financial help offered to people that will protect businesses as well as households “across the country from what was going to be an 80 per cent increase in energy bills this winter”. Consumers have been told to report any such scam to 7726.

Suggested Read: Gamers Must Be Aware of long-Scale Click Fraud Campaign- Says Microsoft

Recent Posts

Blog
Know Your Customer - Addressing the Risks of Financial Crimes in Challenger Banks
With emerging technologies, financial services are witnessing a digital revolution that is changing the overall structure of the existing system. Especially after the COVID-19 pandemic, customer trends have demonstrated a clear preference for online services instead of visiting on-site offices or banks to perform daily transactions. In the same way, challenger banks have emerged in the financial services paradigm, bringing digital innovation while offering seamless customer onboarding. On a global scale, financial companies are adopting challenger banks for all of their monetary operations and transactions.

The challenger bank market size was valued at $28 billion in 2021 and is expected to reach $279 billion by 2028. It is quite evident from the figures that users are adopting challenger banks due to ease of account opening and attractive online services provided by the institutions. On the other hand, this type of digital banking is also associated with risks of identity theft, money laundering, and financial crimes, which need to be addressed through proper identity verification measures.

Challenger Banks – An Overview

Challenger banks are small retail banks that have joined the economic system in the recent few years. In a short time, they have established themselves to compete with other existing banks. Challenger banks offer a large number of outstanding services to the customers, which is the primary reason behind the popularity of this model of banking. Most of the challenger banks do not have on-site branches, which allows them to save considerable cost and invest it into other crucial services like customer support, mobile app development, and speedy transactions. All these attractive services create an outstanding user experience that eventually leads to increased use of challenger banks.

Revolut and Atom banks are considered the pioneers in digital banking, launched in the UK in 2014. Currently, there are 23 challenger banks in the UK that are providing exceptional services and their trend is increasing every year. All these banks have mobile apps through which the users can perform all of their financial transactions. The system is quite efficient in providing instant updates related to account balance, giving all the financial management to the customers’ hands.

Vulnerabilities of Challenger Banks to Financial Crimes

With the increased use of digital banking, the adoption of challenger banks by users, and the influx of money in the sector, risks of cybercrime have also elevated. Criminals are using a myriad of advanced techniques to exploit loopholes in the system and get involved in several crimes like identity theft, money laundering, and terrorist financing. Unlike the old banks and other financial institutions, challenger banks have not implemented a strict identity verification structure, making them quite vulnerable to criminal activities. Most digital banking institutions do not have any branches so they use online channels to verify and authenticate their customers’ documents.

Digital verification always comes with high risks of cybercrime as criminals disguise their original identities to onboard the system, further carrying out several financial crimes. Although challenger banks have quite a strict system of onboarding, the crime ratio is increasing with every passing year. Financial institutions are in dire need of a system that should have the capacity to verify the true identities of customers but must also be user-friendly to provide easy onboarding.

FATF’s Guidance for Challenger Banks

The Financial Action Task Force (FATF), a leading authority working to curb money laundering, has raised its concern due to the emergence of new technologies in financial companies. FATF has termed the digital system of payments as a huge threat to the financial system which is further giving rise to money laundering and terrorist financing. The recent guidelines by the financial watchdog have instructed all jurisdictions to monitor challenger banks and implement the Customer Due Diligence (CDD) approach to verify the identities of their users. The report by FATF also highlights the necessary actions and conditions that must be placed on digital financial organizations to counter money launderers and terrorist financiers on the system.

Global Regulatory Authorities Monitoring Challenger Banks

In the wake of rising crimes in challenger banks, several countries have enforced new regulations or amended existing laws to mitigate risks of identity theft and other financial crimes. Securing digital banks from monetary scams is quite crucial as it contains the assets of a large number of users and other confidential information as well. Let’s have a look at prevailing laws in different countries for countering cyber criminals and money launderers.

US

Bank Secrecy Act (BSA) is the primary act in the USA, which covers all challenger banks and other digital financial platforms. BSA permits all these institutions to implement a strict customer verification system and keep doing audits of details input by users while onboarding. Moreover, it has also been instructed law enforcement authorities to take firm action against all such platforms which are not implementing AML/CFT measures. BSA also instructs financial companies to keep a record of their users so that they can be traced down in case of any violation.

UK

The Financial Conduct Authority (FCA) in the UK is the primary body working to eradicate the chances of digital fraud in challenger banks. It has been highlighted that in recent years the trend of using online financial companies has increased to a large extent, resulting in a high crime ratio. FCA has proposed strict customer due diligence, enhanced due diligence, risk assessment, transaction monitoring, and suspicious activity reports to all challenger banks to counter prevailing crimes.

Australia

Australia is one of the countries with quite a tough approach towards the challenger banking system and has stringent requirements to get a license for operating a digital platform. Even after getting the license, business owners have to report to the Australian Transaction Reports and Analysis Center (AUSTRAC) for any suspicious activities. AUSTRAC has made it mandatory for online banks to keep a detailed record of their users and monitor their activities throughout every transaction.

Ensuring KYC Compliance in Challenger Banks

The digital financial system has come along with different perks but posed high risks of financial crimes. The trend of using challenger banks is rising with every passing day and it is quite crucial to regularize the sector providing users with a secure platform for financial transactions. The criminals mostly use stolen identities to onboard the system and commit crimes that must be looked into it to halt scammers. Using the Customer Due Diligence (CDD) approach and Know Your Customer (KYC) measures, digital banks can implement a system through which they can verify the true identities of their users while keeping a complete record. Implementing these strategies will not only secure the users’ assets but will also help in eliminating financial crimes.

How Shufti Pro Can Help

Shufti Pro’s state-of-the-art identity verification solution can help challenger banks stay compliant with global regulations while ensuring transparency in the system. Powered by thousands of AI algorithms, Shufti Pro’s KYC solutions verify the true identities of users in real-time using advanced techniques and provides result in less than a second with 98.67% accuracy.

Want to get more information about the KYC measures for challenger banks?

Talk to us

Electronics Giant Samsung Confirms a Data Breach Affecting Personal Information of Customers

Challenger Banks – An Overview

Vulnerabilities of Challenger Banks to Financial Crimes

FATF’s Guidance for Challenger Banks

Global Regulatory Authorities Monitoring Challenger Banks

US

UK

Australia

Ensuring KYC Compliance in Challenger Banks

How Shufti Pro Can Help

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.