Comment: Samsung Electronics UK cybersecurity incident affects personal data of some customers
November 2023 by Sylvain Cortes, VP Strategy at Hackuity
News has emerged that Samsung Electronics (U.K) Limited confirmed it had “recently discovered a cybersecurity incident” that impacted the personal data of some customers.
Sylvain Cortes, VP Strategy at Hackuity notes how the attack highlights that app-based vulnerabilities are a growing area of concern, and require as much vigilance as the rest of your attack surface, in his comment:
“Ah, the great vulnerability induced data leak!
Although it is most unfortunate that some Samsung UK eCommerce customers have had their personal data compromised, the silver lining is that the attacker was unable to access extremely sensitive customer financial information or their passwords.
This example is one of many which demonstrates that third party app vulnerabilities is a growing area of risk. Organisations need to look at all app vulnerabilities, not just their own. By having real-time vulnerability prioritisation in place, they can keep on top of unknown open doors to their network on a risk assessed basis.
Hopefully the lesson learnt here is that App-based vulnerabilities require as much vigilance as the rest of your attack surface.”