Photo credit: www.csoonline.com
Samsung’s operations in Germany have reportedly been hit by a significant data breach, with around 270,000 customer records now being offered for purchase on a dark web forum. A hacker, identified by the alias “GHNA,” asserts that this data was recently extracted from Samsung Electronics Germany’s customer support database.
The information disclosed in the dark web posting includes personal details such as names, addresses, email addresses, order histories, and internal communications. An analysis conducted by Hudson Rock revealed that the breach’s initial access originated from stolen login credentials acquired by an infostealer malware in 2021.
Method of Attack Through IT Service Provider
The compromised credentials were taken from an employee of Spectos, an IT service provider that supplies software aimed at enhancing service quality. This provider is associated with Samsung’s German ticketing system accessible via samsung-shop.spectos.com. Notably, it appears that the stolen login details had remained unchanged for several years, exposing a considerable vulnerability within the security protocols of both the service provider and Samsung itself.
Source
www.csoonline.com