Samsung latest in long line of data breaches

YARMOUTH, Maine – There’s bad news for Samsung customers this week as the electronics giant divulged the occurrence of a July 22 data breach.

In a corporate statement that Samsung released, the company discussed the recently discovered (August 4) data breach while assuring customers that some of its more vital data was still protected. “We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.” Samsung wrote.

The company went on to assure customers that it has already taken action to secure affected systems and that their ongoing investigation is coordinating with law enforcement. As of yet no group has claimed responsibility for the breach, but it lands in the same time frame as many other breaches that occurred as part of a phishing campaign by hacker group 0ktapus. So far more than 130 companies have been affected by those breaches including recently Doordash and communications tools company Twilio.

Cybersecurity group, Group-IB, has been researching the actions and methods of 0ktapus and found that they used a simple but effective form of SMS phishing which they’ve in turn used to infiltrate a large amount of corporate infrastructure. “The initial objective of the attackers was clear: obtain Okta identity credentials and two-factor authentication (2FA) codes from users of the targeted organizations. With this information in hand, the attackers could gain unauthorized access to any enterprise resources the victims have access to,” Group-IB wrote in a blog on the subject. “This case is of interest because despite using low-skill methods it was able to compromise a large number of well-known organizations. Furthermore, once the attackers compromised an organization they were quickly able to pivot and launch subsequent supply chain attacks, indicating that the attack was planned carefully in advance.”

For its part Samsung has a frequently asked questions page for users and affected parties looking for answers, as well as information on how clients and customers can check their credit considering the breach here at their FAQ.

“Samsung remains committed to the security and privacy protection of its customers. By working with industry-leading experts, we will further enhance the security of our systems – and your personal information – and work to maintain the trust you have put into the Samsung brand for more than 40 years,” Samsung said. “We deeply regret any concern or inconvenience this incident may have caused to our valued customers.”

You can view the full statement at https://news.samsung.com/us/notice-us-customer-information-cybersecurity/.