Hacker Leaks 270,000 Samsung Germany Customer Records Following Credential Compromise
A threat actor has leaked around 270,000 customer records allegedly stolen from Samsung Germany’s ticketing system, according to cybersecurity firm Hudson Rock.
The hacker, known as ‘GHNA,’ reportedly accessed Samsung’s system using stolen login credentials from a Spectos GmbH account, which was originally intended for monitoring and service quality improvements. These credentials were compromised in 2021 after a Spectos GmbH employee’s computer was infected with the Raccoon infostealer.
Despite remaining dormant for four years, the unrotated credentials were recently used to breach Samsung’s system, leading to the exposure of customer tickets online. The leaked data includes personally identifiable information such as names, addresses, and email addresses, along with transaction details, order numbers, tracking URLs, support interactions, and customer communications with Samsung.
Hudson Rock warns that the exposed data could facilitate multiple cyber threats, including targeted phishing, account takeovers via customer support impersonation, fraudulent warranty claims, and even physical theft, such as package interception by criminals.
The firm also highlights the potential for AI-driven cyberattacks, where hackers could exploit the leaked data to identify high-value targets and craft highly convincing phishing schemes, such as fake customer support calls.
Hudson Rock attributes the breach to poor credential hygiene, a recurring issue that has led to similar security incidents at companies like Jaguar Land Rover, Schneider Electric, and Telefonica.
“Infostealers aren’t just a passing trend—they’re a ticking time bomb that can detonate when least expected. Companies can’t just patch and hope for the best; they must actively track and eliminate stolen credentials,” the cybersecurity firm emphasized.