Samsung has disclosed a data breach that it discovered on or about August 4 that compromised the personal data of some of its users.
"Towards the end of July 2022, an unauthorised person obtained data from a few of Samsung's US systems. We discovered via our continuing investigation that specific customers' personal information may have been compromised on or about August 4, 2022," Samsung stated in a statement.
According to the corporation, the problem did not affect social security numbers, credit card numbers, or debit card numbers, but it may have in certain circumstances affected data like name, contact and demographic details, date of birth, and product registration details. The business warned that different levels of disruption may be felt by affected clients. Samsung did not specify how many customers were impacted, though.
According to Samsung, it has taken steps to safeguard the compromised systems, hired a top cybersecurity company from outside, and is working with law authorities.
Samsung said it is in direct contact with some of the impacted consumers and may reach out to additional as its investigation develops.
You may continue to use our goods and services as normal because consumer devices were not impacted by this event, the company said.
This year's second security incident
Another security breech that Samsung had in March exposed confidential business data, including the source code for its Galaxy smartphone models. The business then clarified that while certain source code related to the operation of Galaxy devices was compromised, customer or employee personal information was not exposed.
The incident was discovered after the LAPSUS$ hacking group published 190GB of Samsung data on its Telegram channel, allegedly exposing the source code for trusted applets installed within the TrustZone privileged environment, biometric authentication algorithms, bootloaders for recent devices, source code for Samsung's activation servers, full source code for technology used for authorising and authenticating Samsung accounts, including APIs and services, as well as confidential information.
Data breaches will occur more often in 2022
Between March 2021 and March 2022, there were data breaches at about 550 businesses worldwide. In 2022, the average cost of data breaches worldwide increased to an all-time high of $4.35 million from $4.24 million in 2021. The research states that 83% of the firms had had several breaches during the course of their existence.
Data breaches have affected even huge security companies. For instance, Cisco acknowledged last month that its corporate IT infrastructure was the subject of a security incident in late May.
According to a statement released by Cisco, an employee's credentials were hijacked when an attacker took over a personal Google account where credentials synced from the victim's browser. The LAPSUS$ organisation was involved in the attack.
Similarly, on August 25, cybersecurity firm Group-IB released a study claiming that at least 130 businesses, including Cloudflare, Doordash, Mailchimp, and Twilio, had been infiltrated by a month-long phishing effort.
When their targets entered their login information on a false authentication page, the attackers gained access to their accounts. The attackers carried out their attack by impersonating the Okta authentication service using text messages.