Connect with us

Hi, what are you looking for?

Tech & Science

Samsung admits to 2020 data breach

Samsung issues warning to customers following data breach.

Samsung is one of the world's largest chip makers, and has large semiconductor factories in China
Samsung is one of the world's largest chip makers, and has large semiconductor factories in China - Copyright AFP/File Jung Yeon-je
Samsung is one of the world's largest chip makers, and has large semiconductor factories in China - Copyright AFP/File Jung Yeon-je

News has surfaced that Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorised individual.

In relation to this, the technology company says that the cyberattack impacted only customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020.

Samsung discovered the data breach this week and determined that it was the result of a hacker exploiting a vulnerability in a third-party application the company used.

A warning note to affected users tells them: “Based on our investigation, we have identified that the affected data may have included your name, phone number, address and email address. We want to assure you that the issue did not impact your password or financial information” (quoted by The Daily Mirror).

In investigating the ramifications, Javvad Malik, lead security awareness advocate at KnowBe4, has explained to Digital Journal why this data breach is potentially impactful for thousands of customers.

Malik places this latest incident in context alongside other similar incidences: “Data breaches can have significant consequences, particularly with large organisations which hold hundreds of thousands of individual records.”

With the specific incident, Malik thinks that Samsung have behaved appropriately: “It’s good that Samsung has responded and notified customers in a timely manner.” Whether notifying customers in 2023 of a problem in 2020 is timely is debatable, however.

In addition, it is both unclear precisely how the threat actor got their hands on the data, and whether the vulnerability remains unpatched to this day.

Malik does raise the matter of weaknesses within a major corporation thar have allowed such an event to happen: “Although it’s concerning that a vulnerability in a third-party application was exploited, it’s a reminder for organisations to thoroughly assess and secure their entire digital supply chain.”

He is of the view that the incident should sound warning bells to customers as well as to other businesses, in noting: “Additionally, customers should remain vigilant against potential phishing attempts or scams that may arise as a result of this breach. While the focus is on the fact that no financial information was compromised, often times personal information can be more valuable to criminals as they can use the information repeatedly to attack individuals.”

Turning this into a recommendation, Malik raises: “Which is why continued user awareness training is key, because as long as breaches continue to occur, individuals will remain the primary target of attack.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

When soil microbes digest plant matter, the digested food follows one of two pathways.

Business

Amazon hired 1300 new associates ahead of normal operational needs, to dilute the proportion of GMB members.

World

British inflation slowed in May to the central bank's two-percent target, official data showed Wednesday.

World

Japan's Emperor Naruhito (2nd R) and Empress Masako (R) walk to greet guests during the spring garden party at the Akasaka Palace imperial garden...