Samsung confirms data breach involving UK customer details

Technology giant Samsung Electronics confirmed a data breach on Thursday that led to the unlawful acquisition of the personal contact information of some of its UK customers.

It said that while the breach did not involve financial data, bank card details, or customer passwords, it included sensitive information such as names, phone numbers, addresses, and email addresses.

According to the Evening Standard, the number of affected customers was not disclosed.

Samsung said the breach primarily impacted individuals who purchased through its UK online store.

According to the company, the incident stemmed from exploiting a vulnerability within a third-party business application used by Samsung.

The individual responsible for the breach targeted customers who conducted transactions on Samsung’s e-commerce platform between 1 July 2019 and 30 June 2020.

“We were recently alerted to a cybersecurity incident, which resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained,” a Samsung spokesperson was quoted as saying.

“No financial data, such as bank or credit card details or customer passwords, were impacted.

“We have taken all necessary steps to resolve this security issue, including reporting the incident to the Information Commissioner’s Office and contacting affected customers.”

The Evening Standard said the Information Commissioner’s Office confirmed it had been informed of the breach, and was planning inquiries into the matter.

Reporting by Josh White for Sharecast.com.