Samsung Says Hackers Accessed Customer Data During Yearlong Breach
Samsung has admitted that hackers gained access to British customers' personal data during a year-long breach of its systems.
In a statement to TechCrunch, Samsung spokesperson Chelsea Simpson, who represents the company through a third-party agency, said Samsung "was recently notified of a security incident" that "resulted in certain vulnerabilities in some Samsung electronic devices." data. England." "Buyer shopping," he said.
Samsung declined to answer other questions about the incident, such as how many customers were affected or how hackers gained access to its internal systems.
In its letter to affected customers, Samsung acknowledged that the attackers used an anonymous software vulnerability in a third-party operating system to access the personal data of customers who purchased from Samsung stores in the UK between July 1 and June 30, 2019. 2020
In a letter shared on X (formerly Twitter), Samsung said it had not reached a compromise as of November 13, 2023, more than three years later.
Samsung told affected customers that hackers were able to access their names, phone numbers, mailing addresses and emails. “No financial information, such as bank or credit card details or customer passwords, was affected,” a Samsung spokesperson told TechCrunch, adding that the company had reported the issue to the UK's Information Commissioner's Office (ICO).
ICO spokesperson Adele Burns confirmed to TechCrunch that the UK data protection regulator was aware of the incident and would "investigate it".
The incident is the third data breach Samsung has disclosed in the last two years.
In September 2022, the company confirmed in a brief statement that attackers had accessed some data on some Samsung systems in the US, but declined to say how many customers were affected. In early March 2022, Samsung confirmed that it had been breached after hacker Lapsus$ claimed to have obtained and leaked approximately 200 gigabytes of sensitive data from the company's systems, including source code for various technologies and algorithms for biometric unlocking operations.
