PSA: Everything you need to know about Samsung’s Security Breach in July 2022

The latest big brand to suffer a security breach is Samsung which determined on August 4th that an unauthorized third party accessed its systems in the US towards the end of July 2022. Naturally, Samsung has taken actions to secure the affected systems in an effort to rebuff any further attempts at customer information, as well as working with law enforcement and an independent cybersecurity firm. Whilst Samsung says that customers' information was accessed by the attacker, it states that information such as Social Security numbers or credit and debit card numbers are still secure.

However, some information was accessed and this includes customer names, contact details, demographic information, date of birth, and even product registration data. Samsung says that it is contacting customers to notify them of the security breach, and has posted answers to the following questions that you may have about the incident:

Can you tell us more about what specifically happened?

In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that the personal information of certain customers was affected. We have taken action to secure the affected systems, have engaged a leading outside cybersecurity firm, and are coordinating with law enforcement.

What data was impacted?

We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.

Why does Samsung have my data?

We collect information necessary to help deliver the best experience possible with our products and services. We know how important privacy is to our customers, and we provide information about how we're planning to use customer data, in strict compliance with relevant privacy laws.

What does it mean if I did not receive an email?

We have communicated directly with certain customers we identified as affected by this issue to make them aware of the matter. We value the trust of our customers and, should we determine through our investigation that the incident requires further notification, we will contact you accordingly.

What actions should I take?

Based on our ongoing investigation, there is no immediate action necessary for any of Samsung’s platforms. We still recommend that you:

• Remain cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information
• Avoid clicking on links or downloading attachments from suspicious emails
• Review your accounts for suspicious activity

Are my devices at risk?

Consumer devices were not affected in connection with this incident, and you can continue to use our products and services as usual.

What is Samsung doing to prevent similar types of incidents in the future?

We are committed to protecting the security and privacy of our customers. We have engaged leading cybersecurity experts and are coordinating with law enforcement. We will continue to work diligently to develop and implement immediate and longer-term next steps to further enhance the security across our systems.

If you have more questions about the security breach, the safety of your data, and the possible impact that it may have on your credit report, Samsung also suggests that you contact the relevant credit company for further information:

As Samsung says, your devices were not affected by the security breach and will work as normal. It's never a bad idea to change up your passwords and log-in details though, especially if it's been six months or longer since you last updated them.