On September 2, the tech giant Samsung released a statement about experiencing another cyberattack against their US-based systems, which transpired in July. It was August 4 when the firm detected the compromise on the customers’ database, closely teaming up with cybersecurity experts to mitigate the incident.
In the announcement, Samsung also clarified that while it was the customers’ database that the hackers had targeted, their Social Security numbers and banking information were not included in the breach. The tech giant also brought up some issues with why they had access to those kinds of sensitive customers’ data, explaining that these pieces of information help them deliver the best customer experience.
Furthermore, Samsung did not give exact details on the impacted demographic information; however, experts have reviewed the firm’s updated privacy policy, which now declares that Samsung can use customers’ geolocation for advertising and marketing.
As the tech giant clarified this matter, they said that using customers’ precise geolocation would allow them to send notifications when the customer is nearby an authorised Samsung store that offers promos and other marketing benefits.
The recent Samsung cyberattack compromised several customer data, including full names, demographics, birthdates, and product registration info.
Moreover, the firm stated that the information involved in the issue varies based on each customer. All affected customers have also been notified, warning them to be more cautious as hackers could use their data for other malicious attacks.
It is still unidentified how many clients were impacted by the Samsung cyberattack, as the company has yet to provide details on the matter. However, only a day after Samsung’s notice, a hacker immediately disclosed on an underground forum that they were holding over 190GB of data stolen from the tech giant and had it up for sale.
Based on the hackers’ claims, they have stolen massive data from Samsung, including customers’ SSNs, despite the firm stating that these data are secured from the breach. The tech giant’s representative then falsified these claims, reiterating that the SSNs were not impacted.
This year, Samsung suffered from a cyberattack about two times. The first one was in March when the Lapsus$ ransomware gang claimed to steal data from the tech giant. Given that millions of customers worldwide could be affected by these compromises on the firm, it is advised to stay vigilant about potential attacks exploiting sensitive information.