Samsung investigating claims of hack on South Korea systems, internal employee platform

Samsung is investigating a potential cyberattack and data breach on an internal employee platform and several systems in South Korea. 

On Tuesday, a group of hackers going by the name “Genesis Day” claimed it attacked Samsung’s offices in South Korea because of the country’s recent opening of a mission to the North Atlantic Treaty Organization (NATO).

The group said it hacked the internal File Transfer Protocol service of the Samsung Group in South Korea as well as the internal employee system and the Samsung Group intranet. 

They threatened to leak business data from Samsung’s operations in France and more. 

"We are aware of the recent online posting and are in the process of verifying the claim,” a Samsung spokesperson told The Record.

An unknown user in the hacker's forum claims that the Genesis day group has hacked into the internal FTP service of the Samsung Group in South Korea, as well as the internal employee system and the Samsung Group intranet.#SouthKorea #darkweb #DeepWeb #databreach #cyberrisk pic.twitter.com/95M1IKmNa3

— FalconFeedsio (@FalconFeedsio) January 18, 2023

The tech giant was attacked twice in 2022, with the first incident in March when the company said the Lapsus$ extortion group hacked its systems and stole troves of data, including Galaxy smartphone source code.

In September, the company published a notice telling customers that their U.S.-based systems were hacked in late July. The company’s security team discovered on August 4 that customer information was affected, and they hired a cybersecurity firm in addition to contacting law enforcement.

The breach involved names, contact and demographic information, dates of birth, and product registration information.