Just before the Labor Day holiday weekend, electronics giant Samsung US announced that the personal information of some customers was compromised in a July data breach.
As part of the incident, which was identified roughly a month ago, an unauthorized third party gained access to some of Samsung’s US systems and exfiltrated information stored on them.
Although it had determined that the personal information of some of its customers was compromised in the attack, Samsung took nearly a month to disclose the incident publicly.
“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected,” Samsung said in a September 2 notice.
The attackers, the company said, accessed information such as names, birth dates, contact information, demographic data, and product registration information. Social Security numbers and credit card details were not impacted in the attack.
“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” Samsung said.
The electronics giants also said that it took the necessary actions to secure the affected systems and that it has been working on improving the security of its systems to prevent similar incidents.
What Samsung did not say, however, was how many individuals were impacted and whether corporate data was also exfiltrated in the attack. No details on how the threat actors gained access to Samsung’s systems were provided either.
SecurityWeek emailed Samsung for additional clarification on the incident and will update this article as soon as a reply arrives.
This is the second data breach that Samsung has disclosed in 2022. In March, the company confirmed it fell victim to the Lapsus$ ransomware gang in an attack that resulted in Samsung source code being leaked online.
Related: LastPass Says Source Code Stolen in Data Breach
Related: OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms
Related: Data Breach at PFC USA Impacts Patients of 650 Healthcare Providers
More from Ionut Arghire
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Tor Network Under DDoS Pressure for 7 Months
- Russian Admits in US Court to Laundering Money for Ryuk Ransomware Gang
- Patient Information Compromised in Data Breach at San Diego Healthcare Provider
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- Vulnerability Provided Access to Toyota Supplier Management Network
- Linux Variant of Cl0p Ransomware Emerges
Latest News
- Minister: Cybercrimes Now 20% of Spain’s Registered Offenses
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
