Image by Open Grid Scheduler / Grid Engine, from Flickr
Data Leak At Samsung Germany Revealed Personal Information From 270,000 Customers
Reading time: 3 min
Last Updated: Apr 1, 2025
-
![Kiara Fabbri]()
-
![Sarah Frazier]()
Fact-Checked by Sarah Frazier Content Manager
Samsung Germany suffered a massive data breach which exposed 270,000 customer support tickets to online access.
In a rush? Here are the quick facts:
- The exposed data contains names together with addresses and emails and orders and support interactions.
- The exposed data allows hackers to perform phishing attacks and execute fraud schemes and conduct account takeovers.
- Hudson Rock detected the stolen credentials multiple years before the actual breach occurred.
The hacker GHNA freely shared the stolen data which disclosed personal information along with order records and customer service dialogues, as first reported by Hudson Rock. The security breach did not stem from an advanced cyberattack since the hacker obtained stolen credentials from 2021 through Raccoon Infostealer malware.
These credentials belonged to an employee at Spectos GmbH, the company managing Samsung Germany’s ticketing system. According to Hudson Rock, credentials were never updated, and as a result the hacker was able to access the system years later and leak the data in 2025.
Hudson Rock says that they identified these compromised credentials multiple years ago, warning about potential misuse. Hudson Rock notes how Samsung had a chance to stop this data leak, but their failure to take action resulted in the damage.
As a result, thousands of customers face severe cybersecurity risks, while the damage remains irreparable, as reported by Hudson Rock. The leaked database contains full names, email addresses, home addresses order numbers, model details and payment method.
The risks from this breach reach further than just the disclosure of data. Hudson Rock says that the stolen information provides phishers with a way to deceive users by pretending to be Samsung representatives, and stealing account credentials.
Delivery interception becomes possible for attackers since they have access to tracking numbers within the leaked data. Hudson Rock says fraudsters may plan to use order information to submit fake warranty claims, along with false requests for replacements and refunds.
Furthermore, attackers who possess support agent emails can now use this information to pretend as Samsung customer service representatives and steal access to victims’ accounts.
The increasing threat from infostealer malware stands out as the main lesson from this security incident. The speed at which AI tools can process and weaponize leaks has become alarming which makes these incidents more dangerous.
Hudson Rock stressed that companies need to monitor stolen credentials beyond applying patches because this proactive measure prevents such data breaches from happening. There has been no official statement about the data leak from Samsung.
Previous Story
Latest articles 
Leave a Comment
Cancel