South Korean electronics giant Samsung has confirmed that the late July 2022 breach of their US systems leaked the personal information of certain customers, including name, contact details, demographic information, date of birth and product registration data.
The company also says that the hack didn’t impact customers’ Social Security Numbers, credit or debit card numbers. Samsung is actively notifying the customers affected and will keep doing so until the investigation continues.
“On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement,” Samsung confirmed on Friday.
The breach is the second one for Samsung in 2022. In March, cybercriminal group Lapsus$ accessed and almost leaked 200GB of confidential company data, including source code for Samsung’s activation servers, bootloader source code for Samsung devices, authentication source code, and biometric unlock algorithms.
According to Samsung, since the investigation is still underway, customers do not need to take any immediate action, but they still recommend that people “remain cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information, avoid clicking on links or downloading attachments from suspicious emails and review accounts for suspicious activity”.
The company claims that none of the consumer devices was affected by this incident.