Samsung Electronics America Inc. now faces a federal class action lawsuit filed at the US District Nevada Court after affected consumers allege that the tech company failed to protect the private information of thousands of users whose information was stolen in an August cybersecurity incident.
According to Android Central, Samsung is being sued for neglecting to notify affected consumers of a data breach in July. The problem was found in August, but it took Samsung a month to inform the affected clients.
Names, contact and demographic information, dates of birth, and product registration information were among the private information stolen in the breach.
Delayed Data Breach Notification
In late July 2022, unknown attackers got information from Samsung's US networks. Around Aug 4, the tech company learned that the personal information of around 3000 consumers had been compromised.
In an important notice, the corporation indicated that it had made efforts to secure the hacked systems, including employing a reputable independent cybersecurity firm and collaborating with law enforcement. Despite this, Samsung is under fire for failing to notify affected users about a month after the incident occurred.
According to Bloomberg, plaintiff Shelby Harmer and other concerned consumers were not alerted for over a month, according to the complaint filed on Sept 6 in the US District Court for the District of Nevada.
While Samsung was right in quickly moving to secure their systems in order to fix security loopholes caused by the breach, the Federal Trade Commission (FTC) requires companies that encounter a data breach to notify people that their personal information has been compromised promptly. This is so that these impacted individuals can take steps to reduce the likelihood that their information will be misused.
What's Next?
The South Korean tech conglomerate informed its clients in a public notice that the data security issue did not jeopardize information such as Social Security numbers or credit and debit card numbers.
Samsung also stated that it had begun personally contacting customers affected by the cyberattack to inform them of the situation and the risks it may pose. The corporation also told its consumers that their investigations will be continued and that they will be keeping users updated with recent developments.
Meanwhile, Samsung advises users to be cautious while dealing with questionable links and accounts with suspicious online activities.
Uber, a well-known food delivery service in the United States, was one of the most recent cyberattacks disclosed to its customers. As part of a negotiated settlement with the US Department of Justice, the company admitted to concealing a large cybersecurity incident that occurred in Oct 2016, exposing the sensitive data of 57 million customers and drivers.
Samsung, like Uber, is facing a lawsuit for failing to notify affected constituents about a result of a breach on time. We will find out in the coming days why Samsung decided to notify customers about the breach a month late.
