Last week, Samsung sent out a global notification to Galaxy devices containing just the number 1. At the time, the company said it was an accident born out of internal testing, but now Samsung is changing its tune. It seems the phone manufacturer experienced a data breach.
Update, 2/24: Shortly after publishing this piece, Samsung reached out to SamMobile, clarifying that the data breach and the Find My Mobile notification weren’t connected. Samsung says that the technical error leading to the data mishap only occurred on its UK website, which caused some users to find data from other people’s accounts on their devices. Samsung says the number of affected customers is under 150.
The close timing of the two incidents led to the belief that they were linked, but Samsung says this isn’t the case.
The original story is left intact below.
Samsung phones have a familiar “Find My Mobile” feature found on many modern smart devices for when your phone is lost or stolen. Part of that function is the ability to send the device notifications to help you locate the phone. Samsung users around the world reported a mysterious “1” notification that came from the service last week.
Initially, Samsung claimed that it was the result of an internal test gone awry. But, as reported by The Register, users who saw the notification started finding strangers’ personal data on their phones. When contacted, Samsung admitted the truth—it has suffered a data breach. According to a spokesperson for Samsung:
“A technical error resulted in a small number of users being able to access the details of another user. As soon as we became of aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed.”
We don’t know how widespread the problem is yet, but it’s hard to take Samsung’s words of “small number of users” at face value when it started off saying the entire thing was a botched internal test as opposed to something more.
We’ll update this post when we find out more details.
via The Register