Samsung Data Breach Exposes Personal Information of UK Store Customers

Electronics giant Samsung has disclosed a new data breach that has exposed the personal information of some of its UK store customers. The company says that the breach impacted customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020.

The exposed data may include names, phone numbers, postal and email addresses. The company is very confident that credentials or financial information remains unaffected by the cyberattack.

The company has taken all necessary measures to address the security issue and has notified the UK’s Information Commissioner’s Office (ICO) of the incident. The breach is confined to the UK region and does not affect customers in other countries, Samsung employees, or retailers.

“We were recently alerted to a cybersecurity incident, which resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained. No financial data, such as bank or credit card details, or customer passwords, were impacted. The incident is limited to the UK and does not affect U.S. customers, employees or retailer data” – Samsung spokesperson told BleepingComputer.

Samsung has been the target of three data breaches in the past two years, highlighting a pattern of cybersecurity vulnerabilities within the company. In March, the data extortion group Lapsus$ stole confidential information, including source code for Galaxy smartphones. In July, 2022, hackers gained unauthorized access to Samsung customer data, including names, contacts, demographic information, dates of birth, and product registration data.

These repeated breaches raise concerns about Samsung’s data security practices and the potential impact on its customers’ privacy and financial well-being. The company is investigating the cause of the breaches and implementing measures to prevent future attacks.

Samsung’s experiences underscore the importance of robust cybersecurity protocols for businesses of all sizes. Companies must prioritize the protection of sensitive customer data and implement multi-layered security measures, including data encryption, access controls, and regular security audits. Educating employees about cybersecurity threats and phishing scams is also crucial in minimizing the risk of human error, which often serves as the entry point for cyberattacks.

Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.