High Profile Korean Celebrities using Samsung Phones were hacked leading to Blackmail Threats of exposing Photos & more
In November 2019 Patently Apple posted a report about Samsung being hit with a serious security flaw related to its fingerprint scanner in their Galaxy S10 and Note 10 series of smartphones. Samsung quickly adopted Qualcomm's first-gen 3D ultrasonic technology. It was so serious an issue that it damaged Samsung's reputation in the financial and security industries as some banks had taken swift action to single out Samsung's flagship devices as unsecure.
On a different note, Samsung's reputation is taking another hit in Korea due to another security issue. This time Korea's media is jumping on reports about a string of Samsung phones, and only Samsung phones, being hacked leading to blackmail demands.
One report notes that hackers are believed to have stolen celebrities' personal data such as photos, videos and text messages from Samsung Cloud, in which users store their smartphone data in case they lose or change their phones.
Hackers demanded money from their victims, threatening to expose their personal information if they didn't pay up. Some of the victims apparently paid out the money, while Joo did not, which led hackers to disclose text messages between him and another actor.
Screenshots of text messages believed to be Joo's have been distributed to various online communities, seriously harming Joo's image as the messages contain discussions of a sexual nature.
A 34-year-old office worker in Seoul told the publication that "The latest case shows that all of us can be a victim of smartphone hacking. It is scary."
A 23-year-old university student who uses a Samsung Galaxy Note 8 also said, "A smartphone is a private area. I feel scared when thinking somebody is able to view sensitive information such as conversations with my friends."
Samsung went in high denial PR mode claiming that the case was not a result of the hacking of Galaxy phones or the firm's cloud service, adding weight to the possibility that IDs and passwords of celebrities have been stolen from elsewhere as users tend to use the same IDs and passwords for various websites.
While denying it's not a security issue on Samsung phones, they turn around and tell customers to set up additional safety measures to avoid falling victim to hackers: "We advise users not to use the same ID and passwords used for logins of other accounts. We also advise users to change ID and passwords for Samsung Cloud frequently."
It appears that Samsung is taking a page right out of Apple's playbook. Back in 2014 a similar case broke out with actress Jennifer Lawrence and Kate Upton's photos on their iPhones. Apple's response at the time was as follows:
"We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification."
When in doubt, always blame the customer and never admit that the gimmicky biometric features that phone companies sell us on are really more about convenience hype than solid security.