Samsung UK Reveals Details on ‘Year-Long’ Cyber Breach, Confirms Customer Data Leak
To improve your local-language experience, sometimes we employ an auto-translation plugin. Please note auto-translation may not be accurate, so read original article for precise information.
Samsung UK recently disclosed details about a year-long data breach that leaked customer information, marking the third significant cybersecurity lapse in the past two years.
Samsung Electronics UK recently notified its customers of a data breach lasting from July 2019 to June 2020, marking the company’s third significant cybersecurity lapse globally in recent years. The breach was discovered on November 13, and resulted from an exploited vulnerability in a third-party business application, leading to the leakage of customer names, contact details, and addresses.
This cyberattack follows two previous incidents: a substantial 200GB data leak in March 2022 by the Lapsus extortion gang, which compromised internal information including Galaxy smartphone source code, and a July 2022 intrusion targeting customer data in Samsung’s US division.
These breaches exposed confidential customer information, excluding social security numbers.
Samsung Faces Class Action Lawsuit
Despite Samsung’s assurances of enhanced security measures after the July 2022 hack, the series of breaches has led to a class action lawsuit filed in September 2022.
The lawsuit criticizes Samsung for its alleged collection of excessive personal data and failure to adequately protect it, suggesting that customers were coerced into providing data under the threat of disabled features in TVs and printers.
The legal challenge further accuses Samsung of being vulnerable to further attacks due to the exposed source codes and authentication-related information from previous breaches.
The ongoing cybersecurity concerns at Samsung highlight the critical need for robust data protection strategies, especially for global tech giants handling sensitive customer information.
Samsung has not publicly commented on the latest breach or the lawsuit yet, leaving customers and industry observers awaiting further details on the company’s response and measures to prevent future incidents.
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.