Samsung hit with major data breach — what you need to know

Samsung logo
(Image credit: Shutterstock)

Earlier today many Samsung customers across the U.S. received an email from the company warning that their personal information was exposed in a recent data breach.

According to the email seen by Tom’s Guide, the Korean tech giant revealed that back in July of this year, an unauthorized third party was able to acquire information from the company’s U.S. systems. 

Samsung immediately launched an investigation into the matter which found “on or around August 4” that “personal information of certain customers was affected”.

What information was exposed?

Samsung data breach email

(Image credit: Samsung)

In addition to emailing customers that may have been affected by the data breach, Samsung has also published a security notice with more details. 

Fortunately, neither Social Security or credit and debit card numbers were exposed as a result of the cybersecurity incident. However, in some cases, customer information including names, contact and demographic information, date of birth and product registration information were exposed but “the information affected for each relevant customer may vary”.

Samsung’s investigation is far from over, and the firm is working alongside a leading cybersecurity firm as well as coordinating with law enforcement to find the person or group responsible for this latest data breach.

What to do if you received an email from Samsung? 

Although only affected customers received an email from Samsung, the company warns in the FAQ at the bottom of its security notice that it will send out further emails if more customers are impacted.

While the company says that customers don’t need to take any immediate action on its own platforms, it does have several recommendations for those that did receive an email. These include remaining caution of any “unsolicited communications that ask for your personal information or refer you to a web page asking for personal information” and avoiding clicking on any links or downloading attachments from suspicious emails.

If you own one of the best Samsung phones, your device isn’t at risk as consumer devices “were not affected in connection with this incident”. Still, to safeguard your device, you should consider installing one of the best Android antivirus apps and make sure that Google Play Protect is enabled.

Samsung also recommends that affected users review their accounts for any signs of suspicious activity. While the company isn’t providing identity theft protection for its US customers yet, it does highlight the fact that those in the US can reach out to Equifax, Experian or TransUnion for their one free annual credit report.

We’ll likely find out more soon including how many U.S. customers are affected by this data breach and how those responsible were able to gain access to Samsung’s systems.

Read next: Uber is the latest company to investigate a serious data breach, after a hacker appeared to gain access to internal systems

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

  • yodaaa
    Are companies skimping out and not paying for identity protection in these incidents now?? What if I burned my one free report earlier bc of another breach? There should be a law they have to provide it when breached.
  • rgd1101
    because no ssn or credit info was exposed.
  • yodaaa
    Yeah so they say... Don't know how much I trust that they can accurately determine that