Samsung Suffers Massive Data Breach, Korean smartphone and TV giant, Samsung, lost an unknown amount of data relating to an unknown number of customers and kept quiet about it for almost a month.
The short answer is that Samsung doesn’t know how the data breach happened or at least, it isn’t saying in the September 2nd press release, which states simply that, “In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems”. Contact details likely include home address, phone number, and email. Samsung Suffers Massive Data Breach, Additional information collected during product registration includes gender, precise geolocation data, Samsung Account profile ID, username, and more. Even just your email address can be valuable to criminals. Samsung’s half-hearted reassurance may console some customers that the criminals aren’t using their credit card details to, for instance, buy untraceable cryptocurrency. However, the amount of information which the company admits may have been taken is staggering, and not something so easily passed off as immaterial. With this level of detail, it should be relatively trivial for attackers to construct precision spearphishing attacks, engineer SIM swaps, and take out credit and loans in a victim’s name.
Perhaps that’s why Samsung’s release takes pains to note that, while it is not offering free credit monitoring to victims, “you are entitled under U.S. law to one free credit report annually from each of the three major nationwide credit reporting agencies.” Samsung uncovered the breach on August 4th, 2022, and released this limited information a full 30 days later. Data breach disclosure legislation varies across the US, but it’s a common stipulation that notification of such a breach be made as expeditiously as possible and without unreasonable delay. Samsung Suffers Massive Data Breach, The maximum allowable timeframe for disclosure is between 30 days (Colorado, Florida) and 90 days (Connecticut). By delaying the disclosure this long, Samsung may be putting themselves in some jeopardy. Okay, so what can you actually do about this breach? With this level of information being revealed, you should engage a credit monitoring service to keep an eye on any new card or loan applications in your name. Even better, freeze your credit until you’re sure you’re safe. It’s probably a good idea to change your phone number, too. And if you’re concerned and want reassurance or further advice, contact Samsung directly. You can express your dissatisfaction too, so that, if something like this happens again, they don’t treat your information in so seemingly careless a manner.
Source: This new is originally published by makeuseof