Cybersecurity aims to protect sensitive data and financial assets against simple and annoying computer viruses, sophisticated and costly ransomware attacks, and everything in between. In the case of Samsung, it was a costly ransomware attack. The cybersecurity breach Sunsung Co. suffered was in late July 2022, even though they opened up about it weeks later.<\/p>\n\n\n\n
Read also: Why Is Cybersecurity Important?: All You Should Know<\/a><\/p>\n\n\n\n Below is the cybersecurity breach notification email from Samsung:<\/p>\n\n\n\n At Samsung, security is a top priority. We are reaching out to inform you that Samsung recently discovered a cybersecurity breach that affected some of your information. In September 2022, Samsung made an announcement stating that a data breach may have resulted in the theft or exposure of personal information belonging to some users of smart devices. The company stated that none of its customers’ financial information, social security numbers, or credit card numbers were compromised in any way.<\/p>\n\n\n\n Although Samsung did not specify the number of people who may have been affected or the kind of devices that may have been compromised, the company’s client base is estimated to number in the hundreds of millions. Even a relatively minor data breach may have resulted in the exposure of hundreds of thousands or even millions of accounts.<\/p>\n\n\n\n “We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.”<\/p>\n<\/blockquote>\n\n\n\n From the statement above, it didn’t sound like Samsung knew how the data breach occurred\u2014or, perhaps, they intentionally left it out in the press release issued on September 2nd, which simply notes, “In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems.”<\/p>\n\n\n\n Contact information will most likely include a home address, phone number, and email address. Gender, accurate geolocation data, Samsung Account profile ID, username, and other information are also collected during product registration. Criminals may be interested in your email address alone.<\/p>\n\n\n\n Samsung’s half-hearted promise may reassure some customers that criminals aren’t utilizing their credit card information to buy untraceable bitcoin, for example. However, the amount of information that the company admits was obtained is startling, and it is not something that can be dismissed as insignificant.<\/p>\n\n\n\n Two Samsung users, represented by Clarkson Law Firm, filed a class action lawsuit against the electronics manufacturer for the two data breaches that occurred in 2022.<\/p>\n\n\n\n According to the 43-page complaint filed with the Federal District Court for the Northern District of California, Samsung unnecessarily acquired user data and then retained and sold it without sufficient security safeguards, resulting in two consecutive data breaches.<\/p>\n\n\n\n The lawsuit further claims that Samsung purposefully blocked certain functionalities and capabilities of its electronic devices, such as televisions and printers, and required customers to enter personally identifiable information such as home addresses and dates of birth.<\/p>\n\n\n\n Additionally, the complaint claims that the electronics behemoth subsequently retained, monitored, and sold the obtained data without properly safeguarding it while telling consumers that “security and privacy are at the heart of what we do and think about every day.”<\/p>\n\n\n\n Despite claiming that users’ security and privacy were secured by ‘holistic’ and ‘industry-leading security,’ the company employed inadequate security measures, resulting in the compromise of consumers’ personal information.<\/p>\n\n\n\n In early 2022, Samsung was victimized by the Lapsus$ cybergang, who boasted of stealing 190 GB of data from the electronics behemoth. The stolen material includes Galaxy device source code as well as over 6,000 secret keys such as private keys, login credentials, and AWS, GitHub, and Google keys.<\/p>\n\n\n\n The lawsuit says that Samsung’s assurances that only “source code related to the operation of Galaxy devices” was leaked during the incident “completely minimized the impact of this first data breach.”<\/p>\n\n\n\n In July 2022, Samsung was the victim of a hack that compromised the personal information of US customers. According to the lawsuit, that occurrence may have been avoided.<\/p>\n\n\n\n Victims of data breaches frequently spend a significant amount of time and money attempting to reduce or mitigate the harm. This could include investigating, monitoring, and notifying account holders, as well as acquiring credit monitoring or other services. In the worst-case scenario, individuals must go through time-consuming and complicated procedures to recover from identity theft, rebuild credit, and mitigate financial effects.<\/p>\n\n\n\n Due to the possibility that the data acquired in the Samsung hack contained third-party information, users may see a surge in spam emails, text messages, and phone calls. These attempted contacts could be phishing efforts to deceive users into disclosing more information, raising the possibility of monetary or identity theft.<\/p>\n\n\n\n Those who were victims of fraud as a result of the Samsung cybersecurity breach\u00a0may be eligible for compensation. Samsung further advises that device users should:<\/p>\n\n\n\n Data breach disclosure regulations differ across the United States; however,\u00a0it is a general requirement that such a breach be reported as soon as\u00a0possible and without unreasonable delay. The maximum permissible timeframe for disclosure ranges from 30 days in Colorado and Florida to 90 days in Connecticut. Meanwhile, on August 4th, 2022, Samsung discovered the vulnerability and provided this limited information 30 days later. Samsung may be placing itself in peril by postponing the disclosure for so long.<\/p>\n\n\n\n Samsung, Vivo, and Pixel devices are particularly vulnerable. The following Samsung phones are at risk: the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12, and A04 series.<\/p>\n\n\n\n As of\u00a02023, Samsung is the world’s second most popular smartphone maker, with a market share of 24.22%. Nonetheless, despite its high profile, Samsung has been the target of two cyberattacks in recent years.<\/p>\n\n\n\n In early 2022, Samsung was victimized by the Lapsus$ cybergang, which boasted of stealing 190 GB of data from the electronics behemoth. The stolen material includes Galaxy device source code as well as over 6,000 secret keys such as private keys, login credentials, and AWS, GitHub, and Google keys.<\/p>\n\n\n\n As of the time of this writing, no Apple ID has ever been “hacked”.\u00a0However, scammers can take over your account in a variety of ways if your smartphone was\u00a0probably\u00a0stolen or misplaced. Someone with access to your password used it without your knowledge.<\/p>\n\n\n\n
In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 2022, we determined through our ongoing investigation that the personal information of certain customers was affected.
We have taken actions to secure the affected systems, have engaged a leading outside cybersecurity firm, and are coordinating with law enforcement. We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.<\/p><\/blockquote><\/figure>\n\n\n\nSamsung Cybersecurity Second Data Breach<\/span><\/h2>\n\n\n\n
What Really Happened in the Samsung Cybersecurity Breach?<\/span><\/h2>\n\n\n\n
\n
The Lawsuit Against Samsung on their Cybersecurity Breach<\/span><\/h2>\n\n\n\n
See WHATSAPP COMPANION MODE: What Is It & How To Use?<\/a><\/span><\/h4>\n\n\n\n
Potential Consequences of a Samsung Cybersecurity Breach<\/span><\/h2>\n\n\n\n
\n
What is the permissible timeframe to disclose a data breach? <\/span><\/h2>\n\n\n\n
Are Samsung phones being compromised?<\/h2>\n\n\n\n
How often has Samsung been hacked?<\/h2>\n\n\n\n
How was Samsung’s security breached?<\/h2>\n\n\n\n
Has Apple been hacked?<\/h2>\n\n\n\n
What exactly is Samsung accused of?<\/span><\/h2>\n\n\n\n