On Friday, Samsung sent an email notification to its users in the US (I personally received a notice as well). The email came from Samsung USA with the subject line: “Important Customer Information Notice.”
In late July 2022, an unauthorized party acquired information from some of Samsung’s US systems. Around August 4th, we determined through our ongoing investigation that certain customers’ personal information was affected.
The breach occurred sometime in July 2022, according to the email. Samsung determined on August 4th (almost a month later) that data was affected, but waited that long to inform customers. Perhaps Samsung wanted to make sure it knew what kind of data was compromised before notifying users. Samsung continues to clarify what kind of data may have been affected.
We have taken action to secure affected systems and have engaged a leading external cyber security firm and are coordinating with law enforcement. We want to assure our customers that the issue did not affect Social Security numbers or credit and debit card numbers, but in some cases it may have affected information such as name, contact and demographic information, date of birth and product registration information. The information affected for each relevant customer may vary.
The email directs customers to the Samsung Security Response Center landing page, which includes contact information for the major US credit bureaus. Although Social Security or credit card numbers do not appear to have been affected, customers should continue to monitor their credit reports for any unusual activity.
This notice applies to US-based Samsung account holders, as US systems were the ones that were accessed without authorization.
source