Samsung notifies UK store customers of data breach

Updated on: 16 November 2023

Gintaras Radauskas
Senior journalist

samsung-gauss-ai — Image by Shutterstock.

Samsung Electronics, a major South Korean multinational tech corporation, has notified some of its customers of a data breach that exposed their personal data to a hacker.

The company said in a notification sent to customers that the cyberattack only impacted people who bought products from the Samsung UK online store between July 1st, 2019, and June 30th, 2020.

“On November 13th, 2023, it was determined that an unauthorized individual exploited a vulnerability in a third-party business application we use and that some personal information of certain customers was affected,” said the firm.

More specific details about the security issue exploited in the breach or the aforementioned vulnerability have not been provided.

Samsung said that exposed data may include names, phone numbers, postal and email addresses. The company stressed that credentials such as passwords or financial information remain unaffected by the incident.

twitter

The breach appears to have only affected the United Kingdom – no data belonging to customers, company employees, or retailers elsewhere in the world was intercepted.

In late July 2023, hackers accessed and stole Samsung customers' names, contacts and demographic information, dates of birth, and product registration data.

In April, Samsung employees were reported by local media as sharing confidential data with ChatGPT, opening up the data to OpenAI’s users. The corporation soon banned employees from using generative AI tools such as ChatGPT, Bing, or Google Bard.

And in March, Samsung confirmed to Bloomberg that the data extortion group Lapsus$ breached Samsung’s network and stole confidential information, including source code for Galaxy smartphones.