Samsung Electronics Germany

A substantial data breach has hit Samsung Electronics Germany with around 270,000 customer records being sold on the dark web by a criminal hacker under the alias 'GHNA.' The stolen information encompasses names, addresses, emails, order details, and internal communications from Samsung's support system. The breach was consequent to compromised login credentials at IT service provider Spectos, linked to Samsung’s German ticket system. The credentials, originating from a credential theft incident in 2021, remained unchanged for several years, which facilitated the breach.

Source: https://www.csoonline.com/article/3952979/hacker-steals-customer-data-from-samsung-germany.html

TPRM report: https://scoringcyber.rankiteo.com/company/samsung-electronics

"id": "sam010040325",
"linkid": "samsung-electronics",
"type": "Breach",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '270,000',
                        'industry': 'Electronics',
                        'location': 'Germany',
                        'name': 'Samsung Electronics Germany',
                        'type': 'Company'}],
 'attack_vector': 'Compromised Credentials',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '270,000',
                 'personally_identifiable_information': 'Yes',
                 'type_of_data_compromised': ['names',
                                              'addresses',
                                              'emails',
                                              'order details',
                                              'internal communications']},
 'description': 'A substantial data breach has hit Samsung Electronics Germany '
                'with around 270,000 customer records being sold on the dark '
                "web by a criminal hacker under the alias 'GHNA.' The stolen "
                'information encompasses names, addresses, emails, order '
                "details, and internal communications from Samsung's support "
                'system. The breach was consequent to compromised login '
                'credentials at IT service provider Spectos, linked to '
                'Samsung’s German ticket system. The credentials, originating '
                'from a credential theft incident in 2021, remained unchanged '
                'for several years, which facilitated the breach.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'emails',
                                 'order details',
                                 'internal communications'],
            'systems_affected': 'Samsung’s German ticket system'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
                           'entry_point': 'Compromised Credentials'},
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'Compromised login credentials at '
                                           'IT service provider Spectos'},
 'threat_actor': 'GHNA',
 'title': 'Data Breach at Samsung Electronics Germany',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Stolen Credentials'}

Samsung Electronics Germany

Episource

Chain IQ

Oxford City Council