Owner security

Samsung notifies affected customers of security breach in July

On Friday, Samsung sent an email notification to its users in the US (I personally received a notification as well). The email arrived from Samsung USA with the subject line: “An important notice regarding customer information”.

In late July 2022, an unauthorized party acquired information from some of Samsung’s US systems. On or about August 4, we determined through our ongoing investigation that certain customers’ personal information was affected.

The breach happened in July 2022, according to the email. Samsung determined on August 4 (nearly a month later) that data was affected, but waited that long to notify customers. Maybe Samsung wanted to make sure it knew what type of data was compromised before notifying users. Samsung goes on to clarify what kind of data could have been affected.

We have taken steps to secure the affected systems, have engaged a leading external cybersecurity firm, and are coordinating with law enforcement. We want to assure our customers that the issue has not impacted social security numbers or credit and debit card numbers, but in some cases it may have affected information such as name, contact and demographic information, date of birth, and product registration information. The relevant information for each affected customer may vary.

The email directs customers to Samsung’s Security Response Center homepage, which includes contact information for major US credit bureaus. Although Social Security or credit card numbers were apparently unaffected, customers should continue to monitor their credit reports for any unusual activity.

This notice applies to Samsung account holders based in the US, as US systems are the ones to which access has not been granted.