Samsung discloses data breach after July hack

Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data.

The company said its systems were compromised in late July 2022. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network.

While the attackers did not steal Social Security or credit card numbers during the breach, they snatched Samsung customers’ names, contacts and demographic information, dates of birth, and product registration data.

“Samsung detected the incident and has taken actions to secure the affected systems. As part of our ongoing investigation, we have engaged a leading outside cybersecurity firm and are coordinating with law enforcement,” Samsung said.

“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” the company added.

Samsung July data breach notification email
Samsung July data breach notification email (BleepingComputer)

Samsung advises impacted individuals to:

  • Remain cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information
  • Avoid clicking on links or downloading attachments from suspicious emails
  • Review your accounts for suspicious activity

This is the second data breach Samsung confirmed since the start of the year, with the electronics giant saying in March that the data extortion group Lapsus$ breached its network and stole confidential information, including Galaxy devices’ source code.

The hackers leaked 190GB of archives containing what they claimed at the time to be documents stolen from Samsung’s servers.