After a data breach that occurred in July, Samsung notified its customers that their information had been acquired by unauthorized third-party attackers.
Samsung Has Again Experienced Another Cybersecurity Incident
As reported by The Verge, after a data breach incident occurred in July, Samsung warned its customers that an unauthorized third-party obtained some of its US client's information, including their contact details, and product registration information. The South Korean Electronics firm disclosed this data theft issue on Tuesday, August 2.
According to Engadget, Samsung said that while consumer devices were not compromised, the attackers have gained access to customer data. With this, it has taken steps to protect its networks and is collaborating with law authorities.
The information attackers have acquired might be used in social engineering assaults on other services, despite the company's claim that no bank card or Social Security numbers were obtained. Therefore, those who have been putting off two-factor authentication for critical accounts must do it right away.
Samsung warned customers to be careful with unsolicited emails and monitor their accounts for anomalous activity in a FAQ, saying that users don't need to react immediately based on its findings.
Since consumer devices were unaffected, Samsung believes its clients don't need to modify their log-in or take other security measures to keep their Samsung products or accounts secure. Regardless, the firm advises customers to avoid phishing emails and unexpected account activity.
In a published customer notice, Samsung said, "We are committed to protecting the security and privacy of our customers." They added, "We will further enhance the security of our systems, and work to maintain the trust you have put into the Samsung brand."
Read Also: PlayStation will Keep Call of Duty Once Xbox, Activision Merges
A Cybersecurity Attack in March Snatched Samsung's Source Codes
In March, Engadget also reported a similar cybersecurity incident involving Samsung that compromised confidential data. The firm confirmed this after Lapus$, a South American hacking organization, uploaded a collection of data it claims was from the tech giant.
According to an article by Engadget, days after reporting the incident, Samsung confirmed in a statement to Bloomberg that attackers seized source code for operating Galaxy devices, but customer and staff credentials were unaffected.
The bootloader source code for recent Samsung devices, along with code for biometric authentication and on-device encryption for Galaxy phones and tablets, were all contained in a 190GB torrent bundle made available by the hacking team. It is possible that they also obtained data from Qualcomm.
Later, Samsung released a statement regarding the event, saying, "Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption."
The same well-known gang caused a similar security attack at NVIDIA in February. It acquired gigabytes of sensitive GPU data, including schematics and the source code for the drivers. Its attack aimed to force NVIDIA into open-sourcing its drivers and remove mining restrictions from its RTX 30-series graphics processor units.
When NVIDIA refused to pay the ransom demanded by Lapsus$ to keep its data from being public, hackers published the source code for the company's DLSS technology and details on six secret graphics cards.
Related Article: Lapsus$ Group Leaks Alleged Samsung Confidential Data