Electronics giant Samsung confirmed a new data breach in July after some of its US systems were compromised.
After the attack that hit the company in late July 2022, Samsung disclosed a data breach. The electronics giant discovered on August 4 that a threat actor had accessed its systems and stole customer personal information.
Threat actors had access to Samsung customers’ names, contact information, date of birth, product registration data, and demographic information. At the same time, social security or credit card numbers were not exposed to security breaches.
“In late July 2022, an unauthorized third party obtained information from some of Samsung’s US systems. An ongoing investigation before or after August 4, 2022 has confirmed that the privacy of certain customers is affected. We have taken steps to protect affected systems, we have contracted with leading external cybersecurity companies, and we are working with law enforcement agencies.” read To find out Issued by the company. “We want to assure our customers that this issue did not affect their Social Security or credit and debit card numbers, but in some cases information such as name, contact and demographic information, date of birth, and product registration information may be affected. It can go crazy.”
The company clearly states that the information exposed by each customer may be different, but notifies the customer.
Samsung claims to have detected the incident and took steps to protect affected systems. The company also hired a top cybersecurity firm to investigate the incident and report it to law enforcement.
Although the company states that the customer does not take immediate action to mitigate the potential impact of an incident, in any case, we recommend that the customer:
- Beware of any unsolicited communications requesting your personal information or directing you to a web page requesting personal information.
- Do not click on links or download attachments in suspicious emails.
- Account review for suspicious activity
In March 2020, Samsung disclosed another data breach after being attacked by data extortion group Lapsus$.
Threat actors had access to internal company data, including the source code of the Galaxy models.
The Lapsus$ gang claimed to have stolen huge amounts of sensitive data from Samsung and leaked 190GB of Samsung data as evidence of the hack.
The gang announced the availability of sample data on their Telegram channel and shared torrent files for download. They also shared images of the source code contained in the stolen data.
The stolen data includes confidential Samsung source code, including:
- Device/Hardware – Source code for all Trusted Applets (TA) installed in TrustZone (TEE) on all samsung devices, along with code specific for all types of TEE OS (QSEE, TEEGris, etc.). This includes a DRM module and a keymaster/gatekeeper!
- Algorithms for all biometric unlock operations, including source code that communicates directly with the sensor
- Bootloader source code for all modern Samsung devices, including code for Knox data and authentication.
- Various other data, confidential source code from Qualcomm.
Follow me on Twitter: @securityaffairs and Facebook
(security work – hacking, data breach)
share