{"id":65353,"date":"2022-09-04T02:30:04","date_gmt":"2022-09-04T02:30:04","guid":{"rendered":"https:\/\/harchi90.com\/samsung-suffers-another-massive-data-breach-should-you-be-worried\/"},"modified":"2022-09-04T02:30:04","modified_gmt":"2022-09-04T02:30:04","slug":"samsung-suffers-another-massive-data-breach-should-you-be-worried","status":"publish","type":"post","link":"https:\/\/harchi90.com\/samsung-suffers-another-massive-data-breach-should-you-be-worried\/","title":{"rendered":"Samsung Suffers Another Massive Data Breach: Should You Be Worried?"},"content":{"rendered":"
\n

Korean smartphone and TV giant, Samsung, lost an unknown amount of data relating to an unknown number of customers\u2014and kept quiet about it for almost a month.<\/p>\n

<\/p>\n

So what happened? Who was affected? And are Samsung users safe? <\/p>\n

<\/p>\n

What Happened in the Samsung Data Breach?<\/h2>\n

The short answer is that Samsung doesn’t know how the data breach happened\u2014or at least, it isn’t saying in the September 2nd press release, which states simply that, “In late July 2022, an unauthorized third party acquired information from some of Samsung’s US systems”.<\/p>\n

<\/p>\n

The statement continues:<\/p>\n

\n

“We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.”<\/p>\n<\/blockquote>\n

Contact details likely include home address, phone number, and email. Additional information collected during product registration includes gender, precise geolocation data, Samsung Account profile ID, username, and more. Even just your email address can be valuable to criminals.<\/p>\n

<\/p>\n

Samsung’s half-hearted reassurance may console some customers that the criminals aren’t using their credit card details to, for instance, buy untraceable cryptocurrency. However, the amount of information which the company admits may<\/strong> have been taken is staggering, and not something so easily passed off as immaterial.<\/p>\n

<\/p>\n

With this level of detail, it should be relatively trivial for attackers to construct precision spearphishing attacks, engineer SIM swaps, and take out credit and loans in a victim’s name.<\/p>\n

Perhaps that’s why Samsung’s release takes pains to note that, while it is not offering free credit monitoring to victims, “you are entitled under US law to one free credit report annually from each of the three major nationwide credit reporting agencies.”<\/p>\n

<\/p>\n

\n
\n
\"cyberattacker <\/picture> <\/figure>\n<\/p><\/div>\n<\/p><\/div>\n

Samsung uncovered the breach on August 4th, 2022, and released this limited information a full 30 days later. Data breach disclosure varies across the US, but it’s a common stipulation that notification of such a breach be made as expeditiously as possible and without unreasonable delay. The maximum allowable timeframe for disclosure is between 30 days (Colorado, Florida) and 90 days (Connecticut). By delaying the disclosure this long, Samsung may be putting themselves in some jeopardy.<\/p>\n


\n <\/p>\n

Who Was Affected by the Samsung Data Breach?<\/h2>\n

As to who was affected, Samsung isn’t even giving out approximate numbers. It could be every customer who has ever owned a Samsung device, or it could be a mere handful. We don’t know yet. Samsung has tried to reassure affected users by saying:<\/p>\n

\n

“We value the trust of our customers and, should we determine through our investigation that the incident requires further notification, we will contact you accordingly.”<\/p>\n<\/blockquote>\n

Android Police reports that, earlier this year, the hacking group, Lapsus$, claimed to have exfiltrated 190GB of sensitive data from Samsung, including algorithms for all biometric unlocking operations, source code for the bootloader for newer Samsung products, and all the source code behind the process of authorizing and authenticating Samsung accounts.<\/p>\n


\n <\/p>\n

What Can You Do About It?<\/h2>\n

Okay, so what can you actually do about this breach? With this level of information being revealed, you should engage a credit monitoring service to keep an eye on any new card or loan applications in your name. Even better, freeze your credit until you’re sure you’re safe. It’s probably a good idea to change your phone number, too.<\/p>\n

And if you’re concerned and want reassurance or further advice, contact Samsung directly. You can express your dissatisfaction too, so that, if something like this happens again, they don’t treat your information in so seemingly careless a manner.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Korean smartphone and TV giant, Samsung, lost an unknown amount of data relating to an unknown number of customers\u2014and kept quiet about it for almost a month. So what happened? Who was affected? And are Samsung users safe? What Happened in the Samsung Data Breach? The short answer is that Samsung doesn’t know how the …<\/p>\n

Samsung Suffers Another Massive Data Breach: Should You Be Worried?<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":68552,"url":"https:\/\/harchi90.com\/parsing-samsungs-data-breach-notice-techcrunch\/","url_meta":{"origin":65353,"position":0},"title":"Parsing Samsung’s data breach notice TechCrunch","date":"September 7, 2022","format":false,"excerpt":"Hours before a long holiday weekend in the United States, electronics giant Samsung announced its US systems were breached a month earlier by malicious hackers, who broke in and made off with gobs of personal information about an unspecified number of its customers. The data breach is likely significant. Samsung\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":64153,"url":"https:\/\/harchi90.com\/samsung-just-had-a-data-breach\/","url_meta":{"origin":65353,"position":1},"title":"Samsung Just Had a Data Breach","date":"September 2, 2022","format":false,"excerpt":"Mykolastock \/ Shutterstock.com Many popular services have reported data security breaches over the past two weeks, including LastPass, Plex, and DoorDash. You can now add Samsung to the list, as the company just confirmed some customer data was stolen. Samsung announced on Friday, September 2 that the company \u201crecently discovered\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"Samsung logo sign.","src":"https:\/\/i0.wp.com\/www.howtogeek.com\/wp-content\/uploads\/2022\/07\/Samsung-logo-sign.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":64465,"url":"https:\/\/harchi90.com\/samsung-says-customer-data-stolen-in-july-data-breach-techcrunch\/","url_meta":{"origin":65353,"position":2},"title":"Samsung says customer data stolen in July data breach \u2013 TechCrunch","date":"September 3, 2022","format":false,"excerpt":"Electronics giant Samsung has confirmed a data breach affecting customers' personal information. In a brief notice, Samsung said it discovered the security incident in late-July and that an \u201cunauthorized third party acquired information from some of Samsung's US systems.\u201d The company said it determined customer data was compromised on August\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":65305,"url":"https:\/\/harchi90.com\/samsung-hit-with-major-data-breach-what-you-need-to-know\/","url_meta":{"origin":65353,"position":3},"title":"Samsung hit with major data breach \u2014 what you need to know","date":"September 4, 2022","format":false,"excerpt":"Earlier today many Samsung customers across the US received an email from the company warning that their personal information was exposed in a recent data breach.According to the email seen by Tom's Guide, the Korean tech giant revealed that back in July of this year, an unauthorized third party was\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":64897,"url":"https:\/\/harchi90.com\/samsungs-us-customer-data-hacked-heres-what-info-was-taken\/","url_meta":{"origin":65353,"position":4},"title":"Samsung’s US customer data hacked: Here’s what info was taken","date":"September 3, 2022","format":false,"excerpt":"What you need to knowAn \"unauthorized third party\" accessed Samsung's US customer data in late July. Samsung discovered the hack on August 4 but didn't report it to affected customers until September 2.Customer's stored card data and SSNs weren't taken, but personal demographic and contact info was.Samsung encouraged affected users\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":64284,"url":"https:\/\/harchi90.com\/samsung-says-a-data-breach-revealed-some-customers-names-birthdays-and-more\/","url_meta":{"origin":65353,"position":5},"title":"Samsung says a data breach revealed some customers’ names, birthdays, and more","date":"September 2, 2022","format":false,"excerpt":"Samsung is warning customers about a cybersecurity incident in July, where \u201can unauthorized third party acquired information from some of Samsung's US systems,\u201d including things like names, birthdays, contact info, and product registration information. The company says it discovered the breach on August 4th, and is currently investigating it with\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"fifu_image_url":"https:\/\/static1.makeuseofimages.com\/wordpress\/wp-content\/uploads\/2021\/10\/broken-android-phone.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/65353"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=65353"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/65353\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=65353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=65353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=65353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}