Samsung Mobile Phone

InfoSec: Samsung reports fresh user data breach, offers tips against identity theft

*Cybersecurity experts warn consumers that the world has reached a dangerous crossroads where companies want as much personal data as they can amass and cybercriminals want as much as they can steal

Gbenga Kayode | ConsumerConnect

Samsung has reported that the company suffered another data breach – its second in 2022, and one that exposed the names of consumers, and their demographic information like birth dates.

It was learnt the global technology company, last Friday, had announced that the breach happened late July 2022, when an unauthorised third party acquired information from some of Samsung’s United States (US) systems.

When the company completed its investigation the first week of August, the probe revealed that personal information of certain customers was affected.

“We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement,” the company said in its notice to customers about the incident.

Should you be worried?

ConsumerAffairs reached out to Samsung asking how many personal information records were involved but the company didn’t offer an answer in its response.

Still, with nearly a billion consumers worldwide using a Samsung phone and another billion with a Samsung TV, the situation could be concerning for a great number of consumers.

MakeUseOf’s David Rutland says that on top of what Samsung “officially” revealed as to what data was exposed, contact details “likely” include home address, phone number, and email.

Rutland thinks that it could go even deeper because the additional information Sansung collects during product registration includes gender, geolocation data, Samsung Account profile ID, username, and more.

“Even just your email address can be valuable to criminals,” he said. “Samsung’s half-hearted reassurance may console some customers that the criminals aren’t using their credit card details to, for instance, buy untraceable cryptocurrency.

However, the amount of information which the company admits may have been taken is staggering, and not something so easily passed off as immaterial.”

Steps consumers should take

Some cybersecurity experts warn the world has reached a dangerous crossroads where companies want as much personal data as they can amass and cybercriminals want as much as they can steal.

In an e-mail to the publication, Scamicide’s Steven Weisman says that the lesson every consumer needs to learn is to limit just how much private information they give to companies when they sign up for an account or register a product.

“For example, your doctor doesn’t need your Social Security number (if applicable) for his or her records,” Weisman said.

Until this issue is resolved completely, anyone who has any sort of Samsung device might be wise to freeze their credit at the major credit reporting agencies – Experian, Equifax, and TransUnion.

If whoever laid hands on the Samsung data wants to try and leverage someone’s personal information, they’ll be blocked from credit-related records. If freezing your credit report sounds like a hassle, it’s really not.

“This is offered through all three major credit bureaus and certain software and can conveniently be switched on and off in order to allow approved third-parties to access reports when needed,” Hari Ravichandran, founder and CEO at Aura, an online privacy safety service, noted in recent “Pandemic to Scamdemic” report.

“If you suspect that your personal information has been compromised in a data breach or otherwise, seriously consider freezing your credit in order to prevent bad actors from opening accounts or taking out loans in your name,” Ravichandran said.

Kindly Share This Story