In late July 2022, an unauthorized party obtained information from some Samsung systems in the US. On or around August 4th, we determined through our ongoing investigation that some customers’ personal information was affected. The breach occurred sometime in July 2022, according to the email. Samsung decided on August 4th (almost a month later) that data was affected, but waited that long to notify customers. Perhaps Samsung wanted to make sure it knew what kind of data had been breached before notifying users. Samsung goes on to clarify what kind of data could have been affected. We have taken measures to secure the affected systems and have engaged a leading external cyber security firm and are coordinating with law enforcement. We want to assure our customers that the issue did not affect Social Security numbers or credit and debit card numbers, but in some cases, it may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary. The email directs customers to the Samsung Security Response Center landing page, which includes contact information for the major US credit bureaus. Although Social Security or credit card numbers were not affected, customers should continue to monitor their credit reports for any unusual activity. This notice applies to US-based Samsung Account holders, as US systems were the ones that were accessed without authorization. Source
