Samsung announced that a data breach has occurred affecting customers after a July, 2022 hack. The breach includes personally identifiable information.
An email was sent out to all affected Samsung customers, including public notification on its website. Samsung states that an “unauthorized third party acquired information from some of Samsung’s U.S. systems” which occurred in July, 2022. The breach and extent of the hack was noticed on August 4.
Credit card numbers and social security numbers were not included in the data breach, but other personally identifiable information such as names, addresses, date of birth, and product registration information was.
“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” according to the statement.
It is unclear what took so long for Samsung to publicly disclose the breach when they first detected it on August 4. The cybersecurity community are pressing Samsung for more details including the total number of affected customers. Announcing the breach over the U.S. Labor Day holiday weekend is also questionable.
Samsung announced that they are working with law enforcement and a third-party cybersecurity firm.
This is the second time this year that Samsung has been hacked. In March, Samsung announced that the Lapsus$ Group obtained and leaked over 200GB of data.
