Data Leak At Samsung Germany Revealed Personal Information From 270,000 Customers

Image by Open Grid Scheduler / Grid Engine, from Flickr

Data Leak At Samsung Germany Revealed Personal Information From 270,000 Customers

Reading time: 3 min

Samsung Germany suffered a massive data breach which exposed 270,000 customer support tickets to online  access.

In a rush? Here are the quick facts:

  • The exposed data contains names together with addresses and emails and orders and support interactions.
  • The exposed data allows hackers to perform phishing attacks and execute fraud schemes and conduct account takeovers.
  • Hudson Rock detected the stolen credentials multiple years before the actual breach occurred.

The hacker GHNA freely shared the stolen data which disclosed personal information along with order records and customer service dialogues, as first reported by Hudson Rock. The security breach did not stem from an advanced cyberattack since the hacker obtained stolen  credentials from 2021 through Raccoon Infostealer malware.

These credentials belonged to an employee at Spectos GmbH, the company managing Samsung Germany’s ticketing system. According to Hudson Rock, credentials were never updated, and as a result the hacker was able to access the system years later and leak the data in 2025.

Hudson Rock says that they identified these compromised credentials multiple years ago, warning about potential misuse. Hudson Rock notes how Samsung had a chance to stop this data leak, but their failure to take action resulted in the damage.

As a result, thousands of customers face severe cybersecurity risks, while the damage remains irreparable, as reported by Hudson Rock. The leaked database contains full names, email  addresses, home addresses order numbers, model details and payment method.

The risks  from this breach reach further than just the disclosure of data. Hudson Rock says that the stolen information provides phishers with a way to deceive users by pretending to be Samsung representatives, and stealing account credentials.

Delivery interception becomes possible for attackers since they have access to tracking numbers within the leaked data. Hudson Rock says fraudsters may plan to use order information to submit fake warranty claims, along with false requests for replacements and refunds.

Furthermore, attackers who possess support agent emails can now use this information to pretend as Samsung customer service representatives and steal access to victims’ accounts.

The increasing threat from infostealer malware stands out as the main lesson from this security incident. The speed at which AI tools can process and weaponize leaks has become alarming which makes these incidents more dangerous.

Hudson Rock stressed that companies need to monitor stolen credentials beyond applying patches because this proactive measure prevents such data  breaches from happening. There has been no official statement about the data leak from Samsung.

Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!

We're thrilled you enjoyed our work!

As a valued reader, would you mind giving us a shoutout on Trustpilot? It's quick and means the world to us. Thank you for being amazing!

Rate us on Trustpilot
0 Voted by 0 users
Title
Comment
Thanks for your feedback
Loader
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Loader
Loader Show more...