Late in the week that just passed, Samsung informed its users about a “cybersecurity issue” that had resulted in the data of some of the company’s customers being stolen. According to Samsung, the event occurred in July, and they found out about it on August 4, 2022.
Samsung has verified that consumers’ personal information, such as their names, dates of birth, contact information, demographic information, and information about the products they registered, was compromised and stolen.
The electronics giant provided clarification, stating that the information taken from each client may differ and that the customer’s Social Security numbers and credit and debit card details were not compromised. However, according to the CEO of Tiberium.io, Drew Perry, who spoke to Spiceworks about the incident, “this has been a difficult year for Samsung, and it’s evident that harm inflicted by the Lapsus$ ransomware group was significantly worse than previously imagined.”
Regarding ransomware, this demonstrates that prevention is always preferable to treatment since it is both more effective and less expensive.
The nature of the compromised data provides strong evidence that the affected consumers may have been susceptible to phishing scams. The electronic industry giant did not suggest taking immediate action for affected customers. Still, they did advise those customers to remain vigilant against “any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information” and to “avoid clicking on links or downloading attachments from suspicious emails.”
Samsung is in the process of informing all of the affected consumers. Even though the South Korean arm of the corporation has already alerted law police and is collaborating with a cybersecurity firm, the South American subsidiary of the multinational electronics conglomerate only told customers one month after it became aware of the problem.
According to Perry, “considering that Samsung is one of the world’s leading technology companies, it is very concerning that it has taken the organization a month since discovering the breach to notify customers.” Moreover, “considering that Samsung is one of the world’s leading technology companies.” As a result, “important consumer data would have effectively been left in the hands of thieves,” and the victims will have had no reason to be on the watch for strange activity and phishing schemes.