Vendor Risk Management

Samsung / LoopPay Breach Illustrates Third-Party Cyber Risks for Enterprises

Noah Simon | October 13, 2015

Last week, it was announced that LoopPay (now a Samsung subsidiary) was the victim of a data breach. LoopPay’s technology is apparently central to Samsung’s mobile payment system, yet Samsung said the breach has not affected the Samsung Pay technology. While the LoopPay breach did not extend to Samsung’s networks, the case illustrates how enterprises must evaluate security throughout the entire lifecycle of a relationship with a business partner, vendor, supplier, or portfolio member.

According to the New York Times, the breach of LoopPay dates back to March, yet it was recently discovered in August. Samsung bought the company for roughly $250 million in February, just one month before the reported breach. Acquisitions have long been targeted for cyber attacks before joining a parent company.

In August 2014, Viator (a tour booking company) was bought by TripAdvisor. Just a few weeks later, Viator was notified by its payment card service provider that unauthorized charges occurred on many of its customers credit cards. The breach affected 1.4 million users and led to a four percent drop in TripAdvisor’s stock when the news broke.

For Samsung, the acquisition of LoopPay was integral to compete with mobile payment technologies like Apple Pay and Android Pay. These breaches illustrate how security incidents in a third party can spread to the parent company. Furthermore, they illustrate how reputation, revenue, and strategic initiatives can suffer from these setbacks.

Find out how BitSight Security Ratings can be used to mitigate risks in mergers and acquisitions transactions.

Third Party Risk Management

 

Suggested Posts

Can Your Vendor Assessments Be More Efficient?

If you’re using a “one-size fits all” approach to managing your vendor lifecycle, you are missing opportunities to save money and operate more efficiently. Vendor management efficiencies don’t end in the onboarding stage: using a...

READ MORE »

Do You Have The Right Vendor Management Policies?

If you’re experiencing frustrating delays and procedural roadblocks during your vendor management process, you’re not alone. Security managers are seeing an increase in the number of third-parties integrating with their business, and ...

READ MORE »

3 Ways To Make Your Vendor Lifecycle More Efficient

During this dynamic and stressful workplace environment 2020 has brought us, finding the most efficient ways to perform in your job has never been more important. When it comes to managing your vendor lifecycle, there are three ways you...

READ MORE »

Subscribe to get security news and updates in your inbox.