Samsung / LoopPay Breach Illustrates Third-Party Cyber Risks for Enterprises

Noah Simon | October 13, 2015 | tag: Vendor Risk Management

Last week, it was announced that LoopPay (now a Samsung subsidiary) was the victim of a data breach. LoopPay’s technology is apparently central to Samsung’s mobile payment system, yet Samsung said the breach has not affected the Samsung Pay technology. While the LoopPay breach did not extend to Samsung’s networks, the case illustrates how enterprises must evaluate security throughout the entire lifecycle of a relationship with a business partner, vendor, supplier, or portfolio member.

According to the New York Times, the breach of LoopPay dates back to March, yet it was recently discovered in August. Samsung bought the company for roughly $250 million in February, just one month before the reported breach. Acquisitions have long been targeted for cyber attacks before joining a parent company.

In August 2014, Viator (a tour booking company) was bought by TripAdvisor. Just a few weeks later, Viator was notified by its payment card service provider that unauthorized charges occurred on many of its customers credit cards. The breach affected 1.4 million users and led to a four percent drop in TripAdvisor’s stock when the news broke.

For Samsung, the acquisition of LoopPay was integral to compete with mobile payment technologies like Apple Pay and Android Pay. These breaches illustrate how security incidents in a third party can spread to the parent company. Furthermore, they illustrate how reputation, revenue, and strategic initiatives can suffer from these setbacks.

Find out how BitSight Security Ratings can be used to mitigate risks in mergers and acquisitions transactions.

Third Party Risk Management

 

Suggested Posts

5 Tips to Improve Cyber Security Monitoring of Your Vendors

What’s the biggest struggle your vendor risk managers face when establishing cyber security monitoring processes? From sudden increases in the use of third-parties by your organization, to not knowing which vendors might be impacted by the...

READ MORE »

Can Your Vendor Assessments Be More Efficient?

If you’re using a “one-size fits all” approach to managing your vendor lifecycle, you are missing opportunities to save money and operate more efficiently. Vendor management efficiencies don’t end in the onboarding stage: using a...

READ MORE »

Do You Have The Right Vendor Management Policies?

If you’re experiencing frustrating delays and procedural roadblocks during your vendor management process, you’re not alone. Security managers are seeing an increase in the number of third-parties integrating with their business, and ...

READ MORE »

Subscribe to get security news and updates in your inbox.