Samsung Says Hackers Accessed Customer Data During Year-Long Breach

Samsung has admitted that hackers accessed the personal data of U.K.-based customers during a year-long breach of its systems. From a report: In a statement to TechCrunch, Samsung spokesperson Chelsea Simpson, representing the company via a third-party agency, said Samsung was "recently alerted to a security incident" that "resulted in certain contact information of some Samsung U.K. e-store customers being unlawfully obtained." Samsung declined to answer further questions about the incident, such as how many customers were affected or how hackers accessed its internal systems. In a letter sent to affected customers, Samsung admitted that attackers exploited a vulnerability in an unnamed third-party business application to access the personal information of customers who made purchases at Samsung U.K.'s store between July 1, 2019 and June 30, 2020. The letter, which was shared on X (formerly Twitter), Samsung said it didn't discover the compromise until more than three years later, on November 13, 2023. Samsung told affected customers that hackers may have accessed their names, phone numbers, postal addresses, and email addresses.

Read more of this story at Slashdot.