A threat actor has published approximately 270,000 customer records allegedly stolen from Samsung Germany’s ticketing system, cybersecurity firm Hudson Rock reports. The threat actors behind the leak gained access using the stolen credentials of a Spectos GmbH account, which were compromised in 2021. The login information was never rotated and, while dormant for four years, it was used this year to access Samsung’s system and dump 270,000 customer tickets on the internet. Within the leaked data, the cybersecurity firm identified personally identifiable information such as names, addresses, and email addresses, as well as transaction information, order numbers, tracking URLs, support interactions, and the communication between the customer and Samsung.

Read more: https://www.securityweek.com/hacker-leaks-samsung-customer-data/