South Korean tech giant Samsung has said it was hit by a data breach that affected its customers' personal information, the company notified its users through email. The tech giant discovered the security breach late in July wherein "an unauthorised third party acquired information from some of Samsung's US systems". The company on August 4 determined through its "ongoing investigation" that the personal information of certain customers was affected.
Samsung said it has taken actions to secure the affected systems, and has engaged a leading third-party cybersecurity firm. It is also coordinating with law enforcement on the incident. "We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary," the company said in an advisory sent to Samsung customers.
"We regret any inconvenience this may cause you and appreciate your trust in us. We have set up an FAQ page on our website for additional questions and answers along with recommended actions," the company added.
A Samsung spokesperson named Chris Langlois was quoted as saying in a report by TechCrunch that demographic information is customer information used for marketing and advertising, but did not specify what types of data this includes.
The email Samsung sent to its customers refers them to its security response centre landing page that includes contact information for the major credit bureaus of the US. It should be noted that Samsung has said that sensitive information such as credit card numbers and Social Security numbers were affected in the breach, users are still advised to monitor their credit reports for any unusual activity.