Samsung Germany experienced a significant data breach after 270,000 customer tickets were leaked online by the hacker “GHNA.” The leaked data included sensitive information such as customers’ names, addresses, order numbers, and transaction details. This information came from credentials stolen in 2021, which had been sitting in Samsung’s database for years. According to cybersecurity experts, this breach could have been easily prevented had the company addressed the compromised credentials earlier.
The leaked data has created a potential goldmine for cybercriminals.
With detailed information such as exact delivery addresses and order details, hackers could use this data for various malicious activities. One major risk is physical theft, as criminals could monitor delivery schedules and steal expensive products like televisions. Additionally, cybercriminals could exploit the information for highly targeted phishing attacks that could steal customers’ credit card details.
The compromised data could also be used to manipulate Samsung’s customer support systems. Fraudulent warranty claims could be made, or attackers could impersonate customers to take over their accounts. This could lead to hackers obtaining passwords, 2FA codes, or other sensitive information by tricking victims into thinking their support tickets need verification.
The leaked data is now freely available to anyone online, making it a valuable resource for attackers.
Samsung’s failure to act sooner has resulted in severe consequences. The compromised credentials, which were harvested by the Raccoon Infostealer malware, went unnoticed for years despite being flagged. The data has now been weaponized, potentially causing harm to customers. Experts warn that artificial intelligence tools could turn this data into a scalable cybercrime operation, enabling attackers to target thousands of victims daily. The company’s failure to rotate credentials or monitor its systems has exposed its customers to significant risks.
Reference:
