<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">
Vendor Risk Management

Samsung / LoopPay Breach Illustrates Third-Party Cyber Risks for Enterprises

Noah Simon | October 13, 2015

Last week, it was announced that LoopPay (now a Samsung subsidiary) was the victim of a data breach. LoopPay’s technology is apparently central to Samsung’s mobile payment system, yet Samsung said the breach has not affected the Samsung Pay technology. While the LoopPay breach did not extend to Samsung’s networks, the case illustrates how enterprises must evaluate security throughout the entire lifecycle of a relationship with a business partner, vendor, supplier, or portfolio member.

According to the New York Times, the breach of LoopPay dates back to March, yet it was recently discovered in August. Samsung bought the company for roughly $250 million in February, just one month before the reported breach. Acquisitions have long been targeted for cyber attacks before joining a parent company.12 Cybersecurity Metrics

In August 2014, Viator (a tour booking company) was bought by TripAdvisor. Just a few weeks later, Viator was notified by its payment card service provider that unauthorized charges occurred on many of its customers credit cards. The breach affected 1.4 million users and led to a four percent drop in TripAdvisor’s stock when the news broke.

For Samsung, the acquisition of LoopPay was integral to compete with mobile payment technologies like Apple Pay and Android Pay. These breaches illustrate how security incidents in a third party can spread to the parent company. Furthermore, they illustrate how reputation, revenue, and strategic initiatives can suffer from these setbacks.

To learn how BitSight Security Ratings can be used to mitigate risks in mergers and acquisitions transactions, visit https://www.bitsighttech.com/security-ratings-mergers-and-acquisitions

 

Suggested Posts

Worthwhile TPRM Certifications for Security & Risk Professionals

As the importance of third-party risk management (TPRM) continues to grow, organizations are hiring for related roles more seriously than ever before. To compensate, security and risk professionals are seeking out certification programs in...

READ MORE »

Which Third-Party Risk Management Tools Do You Really Need?

With high-profile breaches being traced back to supply chain vulnerabilities and a regulatory environment that’s waking up to the realities of vendor risk, many organizations are investing heavily in third-party risk management (TPRM)...

READ MORE »

New Study: Organizations Struggle to Manage Cyber Risk in Their Supply Chains

A new report from McKinsey & Company sheds light on something we’ve known for many years – organizations are struggling to make significant progress in managing cybersecurity risk in their supply chains.

READ MORE »

Subscribe to get security news and updates in your inbox.