Telecoms giant Sprint suffers data breach via Samsung website- Comment

It has been reported that American telecommunications provider Sprint has suffered a data breach, telling customers that hackers broke into their accounts through a Samsung website. The number of customer accounts breached isn’t yet known. The hack occurred June 22, Sprint told its customers in a letter, and included details like first and last name, billing address, phone number, subscriber ID, account number, device type, device ID, monthly charges, account creation date, upgrade eligibility and any add-on services. It occurred via the Samsung “add a line” website.

Full Story Here:

Commenting on the news is Felix Rosbach, product manager at comforte AG:

“To stay on top of the game and to offer a best-in-class customer experience, some organizations allow third parties access to sensitive customer data. Missing control over the infrastructure of third parties combined with the lack of cybersecurity talent available on the market makes it near impossible to prevent attackers from getting access to such a complex network.
Protecting data is more important than just preventing breaches. The best thing organizations can do is to focus on a data-centric security strategy to make sure that data is protected and access to it is restricted all the time.”