What tech companies have not experienced some kind of security incident in the last few years?
Samsung recently notified customers in the United States that it discovered a cybersecurity incident impacting some customer information.
The tech giant says that in late July of this year, "an unauthorized third party acquired information from some of Samsung's U.S. systems." After investigating the situation, the organization was able to determine that personal information of certain customers was affected. The company says it has taken actions to secure the affected systems and has engaged a leading cybersecurity firm, as well as notifying the appropriate authorities.
While the incident did not impact sensitive information like Social Security numbers or credit and debit card numbers, in some cases things such as name, contact, and demographic information, date of birth, and product registration information were impacted.
Samsung has provided some FAQs for customers who are concerned their information might have been impacted.
Can you tell us more about what specifically happened?
"In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected. We have taken action to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement."
What data was impacted?
"We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary."
Why does Samsung have my data?
"We collect information necessary to help deliver the best experience possible with our products and services. We know how important privacy is to our customers, and we provide information about how we're planning to use customer data, in strict compliance with relevant privacy laws. You may visit the U.S. Privacy Policy section of our website for more details on how we may obtain data and for what purposes: https://www.samsung.com/us/account/privacy-policy/."
What does it mean if I did not receive an email?
"We have communicated directly with certain customers we identified as affected by this issue to make them aware of the matter. We value the trust of our customers and, should we determine through our investigation that the incident requires further notification, we will contact you accordingly."
What actions should I take?
"Based on our ongoing investigation, there is no immediate action necessary for any of Samsung’s platforms. We still recommend that you:
-
Remain cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information
-
Avoid clicking on links or downloading attachments from suspicious emails
-
Review your accounts for suspicious activity"
Are my devices at risk?
"Consumer devices were not affected in connection with this incident, and you can continue to use our products and services as usual."
What is Samsung doing to prevent similar types of incidents in the future?
"We are committed to protecting the security and privacy of our customers. We have engaged leading cybersecurity experts and are coordinating with law enforcement. We will continue to work diligently to develop and implement immediate and longer-term next steps to further enhance the security across our systems."
