Introduction
Over Labor Day weekend, Samsung users in the U.S. received an unfortunate email from their provider:
“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected.
We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.“
What does this mean for Samsung customers and their private information?
Wait…Did You Say July?
You read that right. The notification that just went out in early September mentions a data breach in late July that the company discovered on August 4th. So why did it take another month to disclose the hack to users?
Part of this may have been to give themselves time to identify exactly what had been affected as wel as to get their systems patched and re-secured. Samsung identified consumer data that had been leaked as a result of the breach, as the infiltrator (as yet unknown) acquired names, contact info, registration information, birthdays and other information on customers that had been leaked online.
Although Samsung reports that no financial or identity theft took place, the email also provided information about how users can (and should) monitor credit reports in the aftermath. The company’s statement also assure users that they are working with an outside tech company to secure gaps in the network and improve the overall security of their systems, to ensure that this exploit won’t happen again.
So…Is Your Data Still Safe?
Samsung declares that you don’t need to take immediate action if you were potentially affected, but to stay alert of unauthorized activities on your credit cards or accounts, and be careful when receiving suspicious messages asking for personal information. Meanwhile, they noted that U.S. customers get one free credit check per year “from each of the three major nationwide credit reporting agencies” referring to Equifax, Experian, and TransUnion. Non-American customers don’t seem to have been affected.
For those who are still worried, it’s ALWAYS better safe than sorry in these situations! Passwords weren’t compromised according to all known reports, but it never hurts to add additional security steps to all of your accounts in case of another breach. Turning on two-factor authentication keeps out unauthorized users by requiring a secondary form of identification, like digital or face scanners, one-time passwords, and authenticator apps (to name just a few).
How much does Samsung know about you? Keep a close eye on connected cards and accounts for the next few months, just to be safe.
Conclusion
Even major corporations with a lot of revenue to invest in cybersecurity and network monitoring sometimes fall victim to cyber-incidents and data breaches. Whenever you buy goods or services related to your technology or online presence, choose companies who demonstrate transparency and dedication to securing your data pre- and post-breach.
You can also take steps on your end to add security precautions, like two-factor authentication, in addition to the firewalls and automated scanners that block threats you don’t even know about. For more tips on staying cyber-secure on a daily basis, and to get the latest news about your data security, follow our blog!
References
- https://www.samsung.com/us/support/securityresponsecenter/
- https://www.techradar.com/news/samsung-confirms-data-breach-personal-customer-data-stolen
- https://www.gsmarena.com/samsung_notifies_affected_customers_of_a_july_security_breach-news-55641.php
- https://consumer.ftc.gov/articles/free-credit-reports
- https://www.androidpolice.com/samsung-cybersecurity-hack/