Published On: Thu, Mar 16th, 2017

Samsung Is Reportedly Leaking Customer Data Who Are Buying Its Gorgeous New TVs

Samsung has been apparently leaking information of business who have systematic products regulating a company’s online store. Matt Metzger, an focus confidence engineer, found a trickle when he systematic a TV from a Korean tech giant. The smirch appears to be how information is being rubbed by Associated Global Systems, Samsung’s partner that reportedly handles product shipments.

Is Samsung leaking patron information?

Samsung appears to be leaking user name, address, and other information when business sequence from a company’s online store. Metzger wrote on Medium about this find when he was shopping a new TV from a renouned TV maker. After he placed a order, Metzger perceived a URL to lane his delivery. However, instead of usually his order, he could see dual sequence sum when he clicked on a link. Metzger could see their sequence information, user name and residence details.

When he contacted Samsung, a association pronounced that tracking numbers are recycled each year, but he shouldn’t be disturbed as his sequence is “first listed.” Not usually this, a tracking ID was also sequential, that ensures that anyone looking for information could throw Samsung customers’ information en masse. Possibly leaking information of thousands of clients this way, it is misleading because a information wasn’t private if a tracking numbers were “recycled” each year.

In his post, Metzger has talked about how this information could be used in amicable engineering attacks. He serve combined that following his receipt of a order, Samsung had trustworthy a TIFF record to his order, that shows his full name, address, and signature.

AGS, Samsung’s shipping partner, also has a tracking complement regulating that someone could get entrance to user information, presumably many with trustworthy TIFF files. While we are waiting for other confidence researchers to determine this report, a hunt on this tracking complement didn’t produce any formula even with consecutive sequence numbers. However, going by Metzger’s report, it appears that whatever information we enter to sequence from Samsung’s online store, we should cruise it public. Your name, address, signature, sequence number, and phone numbers could be manifest to anyone who is looking to get this information regulating a discerning Google search.

When Metzger contacted Samsung, he was endorsed to hit AGS directly. However, Metzger believes it’s Samsung’s shortcoming to consider about how user information is being rubbed by their shipping partners.

“I know we would like this brazen to a confidence team. Your ask will need to be taken adult with AGS. You will need to mislay your information by AGS. We apologize for any inconveniences that might have impacted your knowledge with Samsung. We during Samsung conclude your business, and we unequivocally wish that this conditions doesn’t deter we from stability to squeeze products of a Samsung brand.” Samsung

We couldn’t immediately get a response from Samsung but would refurbish this story as shortly as we do.

About the Author

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>