What you need to know
- An “unauthorized third party” accessed Samsung’s US customer data at the end of July.
- Samsung discovered the hack on August 4 but did not report it to affected customers until September 2.
- Card data is stored and the customer’s SSN is not obtained, but contact information and personal demographics are.
- Samsung encourages affected users to check their credit reports, although hackers won’t be able to influence it.
Samsung has become the latest tech company to suffer a serious data breach, although thankfully for its US customers, the scale of the breach isn’t as serious as it could be.
Samsung Security Feedback Center page (opens in a new tab) outlines the details of the breach: A hacker broke into Samsung’s data servers in the United States and accessed customer information in late July. Samsung discovered the breach in early August and took action to “secure affected systems”, hired a “leading external cybersecurity company” and contacted law enforcement. .
As for the data that has been obtained, Samsung “wants[s] to assure our customers that the issue does not affect Social Security numbers or credit and debit card numbers, but in some cases may affect information such as name, contact and demographic information, date of birth, and product registration information. ”
Contact information will most likely include email and phone number, while registration information will include any Samsung devices you registered with your Samsung account.
Any Samsung customer “identified as affected by this issue” has received an email; If not, you can breathe a sigh of relief. The company also assured that “consumer devices were not affected in connection with this incident,” so in theory a hacker wouldn’t have access to location data or other sensitive information.
For anyone who has received Samsung’s warning email, they should “be wary of any unsolicited communications that ask for your personal information or refer you to a website that asks for your personal information.” .” It is possible that hackers could use stolen personal information to carry out phishing attempts against them.
Samsung also directs its customers to the option of getting a free annual credit report from Equifax, Experian, or TransUnion. To those who requested this report, Samsung did not offer to pay for the second report.
It’s fair to ask why it took Samsung almost a month to notify customers that their contact data had been stolen. Hopefully those affected aren’t accidentally taken advantage of before Samsung warns them about the issue.
We also don’t know the scale of this breach. While most Android Central employees are based in the US with Samsung devices and accounts, only one of us received the email, so it obviously doesn’t affect every US Samsung customer. Note: Since publication, several AC writers have received emails, myself included, so keep an eye on your inbox!