Samsung suffered from a cybersecurity incident that put user data — including some identifying information about its customers — at risk, the company said in a statement on September 2. As one of the leading technology, electronics, and appliance sellers in the world, many people use Samsung products on a daily basis. From smartphones to kitchen appliances, the company based in South Korea is a household name in the United States. Samsung’s flagship smartphones, the S22 and S22 Ultra, are some of the top options for Android smartphones. Its line of foldable phones, the Galaxy Z Fold 4 and the Galaxy Z Flip 4, remain virtually uncontested in North American market. For these reasons, it’s likely that many people use Samsung products and services often, and may have been affected by the data breach.
Both giant corporations and individual users have succumbed to cybersecurity threats in recent years, often found at the consumer level by the means of robocalls or phishing scams. Though technology companies place a lot of effort and resources into securing their data storage, big-name brands can still be vulnerable to cyberattacks. The threats of data theft, online scams, identity theft, and over-the-phone scams have only increased this year. At the individual consumer level, mobile malware and phishing scams increased by 500 percent over the previous year in the early months of 2022 in Europe. The Federal Bureau of Investigation tracks cybercrime losses yearly in the U.S., and found that in 2021 Americans lost a record-high $6.9 billion due to online attacks. Many of these threats target and attempt to scam individual users, but occasionally big companies are hit with a data breach that compromises user data.
In a statement, Samsung said it had found a ‘cybersecurity incident‘ that affected user data, including some identifying information about its customers. “In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems,” the company said. “On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected.” Samsung has taken actions to secure the vulnerabilities that led to the data breach, and has consulted outside government personnel and third-party companies. It is cooperating with law enforcement through an ongoing investigation, and is working with ‘a leading outside cybersecurity firm,‘ per the statement.
What Types Of Samsung User Data Were Breached?
The company did not clarify how many users were affected by the data breach, but Samsung did say that it was limited to U.S. systems. Additionally, users that were confirmed as affected by the data breach have been contacted directly through an email. If more information comes to light about additional affected users or data types, Samsung plans to contact those users as necessary. The data breach did not impact users’ Social Security numbers, debit card numbers, or credit card numbers — but it may have affected other identifying information. The type and amount of information that was compromised in the data breach will vary for each customer, but may include names, contact information, demographic information, date of birth, and product registration information.
Samsung says that at this point in its ongoing investigation, there is no need to take any immediate action to continue using any of the company’s products and services. Consumer devices were not affected by the data breach, so it is safe to continue using Samsung devices, but it might be worth changing Samsung account passwords or enabling two-factor identification. Even though there is no current action required by users, these are good cybersecurity practices to follow before there is an issue. Furthermore, be sure to stay vigilant against online scams and phishing attempts. The best way to avoid internet scams is to not interact with them at all, so don’t click on a link, download, or attachment that is not expected. Moving forward, Samsung is said to be shoring up its cybersecurity and protecting its systems to prevent another attack in the future.