On Friday, Samsung emailed a notification to its users in the U.S. (I personally also received a notification). This email is from Samsung USA with the subject line: “Important Notice Regarding Customer Information”.
In late July 2022, an unauthorized party obtained information from some of Samsung’s US systems. Around August 4, we determined through our ongoing investigation that some of our customers’ personal information was affected.
According to the email, the breach occurred sometime in July 2022. Samsung had determined on August 4 (nearly a month later) that the data was affected, but waited so long to let customers know. Maybe Samsung wants to make sure it knows what kind of data has been leaked before notifying users. Samsung went on to clarify which data might be affected.
We have taken action to protect affected systems and are working with a leading external cybersecurity firm and are coordinating with law enforcement. We want to assure our customers that this issue does not affect social security numbers or credit and debit card numbers, but in some cases may affect names, contact and demographic information, dates of birth and product registrations, etc. information. The affected information may vary for each relevant customer.
The email directs customers to Samsung’s Security Response Center login page, which includes contact information for major U.S. credit bureaus. While Social Security or credit card numbers do not appear to be affected, customers should continue to monitor their credit reports for any unusual activity.
This notice applies to U.S. Samsung account holders because U.S. systems are unauthorized access.