Samsung admits hack that leaked personal information (names, birthdays and contact details) of its users

Samsung admitted to having suffered a cybersecurity incident in late July and early August, where “an unauthorized third party acquired information from some of the company’s systems” in the United States. Among the information that the attackers obtained are names, birthdays, contact information and product registrations.

The company has already responded to this attack and pointed out that more sensitive information, such as social security numbers or debit or credit card numbers, was not stolen; however, the type of data they stole may be useful for social engineering attacks.

The number of users affected by the hack is unknown at this time, but Samsung said it is sending emails to customers who were impacted specifically and will continue this action as its investigation continues.

Consumer devices were not affected during this incident, the company said in a statement, so it is not necessary to change the password of products or accounts at the moment, although it also recommended being aware of any type of unusual activity. in the accounts, as it could be the victim of a phishing message.

This form of cyber fraud against end users consists of attackers posing as a real company so that people voluntarily hand over their data.

Given this, some recommendations that cybersecurity specialists give is to keep track of recent account activity, as well as modify passwords, in addition to activating two-step verification systems.

“We are committed to protecting the security and privacy of our customers. We have hired leading cybersecurity experts and are coordinating with authorities,” the company said in a statement.

He also said that as a result of this attack, long-term changes will be developed and implemented within their systems to improve security, as it should be remembered that this is not the first time this year that they have been victims of a major hack.

In early March, the Lapsus$ hacker group stole 200GB of internal company data, including the source code of Galaxy devices, which is used for encryption tools and biometric unlocking functions of the company’s smartphones. brand.

“There was a security breach related to some internal company data. Based on our initial analysis, the breach involves some source code related to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” the company said in a statement.