Samsung claims that customer data was stolen in a data breach in July.
Samsung has confirmed a data breach involving customers’ personal information.
In a brief statement, Samsung stated that the security incident was discovered in late July and that a “unauthorised third party obtained information from some of Samsung’s U.S. systems.” On August 4, the company determined that customer data had been compromised.
Social Security and credit card numbers were not compromised, according to Samsung, but some customer information — name, contact and demographic information, date of birth, and product registration information — was taken.
“The information affected may differ for each relevant customer.” “We are notifying customers to make them aware of this situation,” the statement said.
Samsung spokesperson Chris Langlois told TechCrunch via email through crisis communications firm Edelman that demographic data refers to customer information used for marketing and advertising, but he did not specify what types of data this includes. Langlois also stated that registration data, which customers provide in order to gain access to support and warranty information, includes the product purchase date, model, and device ID.
Langlois declined to say how many customers were affected or why it took Samsung more than a month to notify customers about the breach, which was announced just hours before the Labor Day holiday weekend in the United States.
“Even though the investigation is ongoing,” Langlois explained, “we wanted to notify our customers to make them aware of this matter because we understand how important their privacy is.”
The company stated that it has taken precautions to secure its systems and has hired an unidentified third-party cybersecurity firm. Samsung stated that it was working with law enforcement.
This is the second time this year that Samsung has confirmed a data breach. In March, the company admitted that the Lapsus$ hacking group — the same group that infiltrated Nvidia, Microsoft, and T-Mobile — had obtained and leaked nearly 200 gigabytes of confidential data, including source code for various technologies and biometric unlock algorithms.