Samsung suffered a cybersecurity breach in late July that exposed personal information of some U.S. customers.
Discovered last month
Samsung notified customers of the incident on Sept. 2, which occurred in late July and was discovered on Aug. 4.
It said in a statement, “In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems.”
What has and hasn’t leaked
Data exposed includes name, contact and demographic details, date of birth and product registration data.
Customers’ social security numbers and credit card numbers were not affected.
Consumer devices were not affected either.
Those notified were affected.
How many customers were affected isn’t something the company has shared yet.
But if any customer has received notice, that means their data was involved in the breach.
The information affected for each relevant customer may vary and the company is notifying customers to make them aware of this matter.
Recommended actions
Samsung has advised those affected to beware of phishing schemes, monitor their credit profiles closely, read through the security notice FAQ, and revisit the company’s privacy policy.
Users are advised to be cautious of unsolicited communications asking for personal information or sharing a link.
Avoid clicking on links or downloading attachments from suspicious emails.
March incident
This isn’t the first time Samsung has dealt with such attacks and isn’t even the first of 2022.
In March it announced that hackers had exposed internal company data affecting Galaxy smartphones.
It said that it doesn’t “anticipate any impact to our business or customers” and has implemented measures to prevent further such incidents.
A private cybersecurity firm and law enforcement investigate the latest security incident.
Why Samsung collects user data
As to why Samsung is collecting data in the first place, it says that it contains “information necessary to help deliver the best experience possible with our products and services”.
It clarified that it provides information about how they use customer data, in strict compliance with relevant privacy laws.
This page contains Samsung’s notification, FAQs about the incident, and additional recommended actions.