Samsung customers' personal data exposed by yet another data breach

In recent times, the importance of data security has become a great deal of concern for individuals and companies alike. And in the middle of all this, Samsung has confirmed that the personal data of a handful of its UK customers were exposed in the latest data breach. This is the company's third data breach in just two years, by the way.

Samsung Data Breach 2023: What happened?

According to the company, Samsung UK's online store has suffered this data breach, affecting customers who shopped between July 1, 2019 and June 30, 2020. Samsung says it discovered this exploit on November 13, 2023. Apparently, a hacker exploited a vulnerability in a third-party app used by Samsung, gaining unauthorized access. On top of that, customer names, phone numbers, postal addresses, and email addresses were exposed. But speaking to TechCrunch, Samsung assures that “no financial data, such as bank or credit card details or customer passwords, were impacted". Earlier in March 2022, the hacking group "Lapsus$" breached Samsung’s network, stealing data, including source code, algorithms for biometric authentication, and more. Whereas just 3 months later in July 2022, hackers accessed and stole Samsung customer names, contacts, and other details.

What was the response?

As for the response, Samsung says it has reported it to the UK’s Information Commissioner’s Office (ICO). And ICO — which is the UK's data protection regulator — is on the case, initiating inquiries. However, the company has remained silent on the specifics of the incident. Not revealing the number of affected customers or how the hackers got in.

• You might want to read these:
• Samsung Galaxy Tab Price in Nepal [2023]
• Here's our first look at the Samsung Galaxy Fit 3
• Samsung Galaxy Tab A9 with Helio G99 chip is now available in Nepal

What about the affected customers?

A letter sent by Samsung to affected customers mentions that the attackers exploited a vulnerability in an unnamed third-party business app. But it's surprising that it took Samsung well over three years to detect this data breach.  

@troyhunt another dataset to keep your eyes open for ? pic.twitter.com/VwNCd1nUF1

— Michael Valentine (@KwyjiboUK)

Needless to say, Samsung's third data breach in two years highlights ongoing and evolving cybersecurity threats. So companies should implement strong security measures and communicate clearly during breaches. Whereas customers should take it upon themselves to stay vigilant in times when cyber threats challenge digital privacy and security as well.

• Meanwhile, check our review of Samsung Galaxy Watch 6 series