Giant Mobile organization, Samsung has been seen answering its users recently. The users reported the data breach where they could see other user’s data including the last 4 digits of their cards. This spooky news spread like the fire in the bush and caught another issue along with it. The second issue had a user’s questioning Samsung about arbitrary notifications on their screens.
Issue Details
Samsung Galaxy Mobile phone and Tablet Users were dazed with a Random Push notification which was auto-removed as the user tapped on to it. Various tweets have been highlighting a bizarre Push Notification ‘1’ on Various Samsung Galaxy mobiles. As several users mention on Reddit, after they logged into and checked the account section in Samsung Shop, other people’s information like phone numbers, email addresses, recent order details, shipping addresses and even the last 4 digits of their payment cards were visible to them, in the field where their own information should have been listed.
Clarifications From The Techie Giant
To the flooded queries to Samsung on twitter, SamsungHelpUK posted “Recently, a notification about “Find My Mobile 1” occurred on a limited number of Galaxy devices. This was sent unintentionally during an internal test and there is no effect on your device. We apologize for any inconvenience this may have caused our customers. ”
Speaking to The Register, a Samsung spokesperson gave a statement “A technical error resulted in a small number of users being able to access the details of another user. As soon as we became aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed. We will be contacting those affected by the issue with further details.”
With the above statement, Samsung has clarified that the number of users was small, but the number of Users questioning their data authenticity has been very high on Twitter and other forums. This was clarified by another statement by Samsung to sammobile “The notification was inadvertently sent to Galaxy devices powered by Android Oreo or later. We can assure our users that this notification does not affect their devices in any way. We sincerely apologize to our customers for the inconvenience this may have caused and will ensure that a similar incident doesn’t occur in the future.”
As in 2019 May, researchers had discovered that dozens of Samsung internal coding projects were being exposed on GitLab, being erroneously configured as public without any password protection. Similar to the previous event, Samsung had security issues, but this time, security issues led to losing the Users trust. The organization provides no clear answers to how the breach took place. Although the revelation of User data is not related to the Push notification, yet it can be concluded that during internal testing the Push Notification would have been sent to the live environment.
LIFARS Data Breach Response team effectively handles data breach response.
