Samsung Sued Over Recent Data Breaches

Two Samsung customers, who are being represented by Clarkson Law Firm, have launched a class action lawsuit against the electronics maker for the two data breaches it had in 2022.

According to the 43-page complaint submitted to the Federal District Court for the Northern District of California, Samsung gathered user data without authorization, stored and sold it without adequate security measures, and subsequently experienced two consecutive data breaches as a result.

According to the lawsuit, Samsung purposefully blocked some features and capabilities of its electronics goods, including TVs and printers, and demanded that customers provide personally identifiable data such home addresses and birth dates.

The complaint also claims that despite promising consumers that “security and privacy are at the core of what we do and what we think about every day”. the electronics behemoth improperly retained, monitored, and sold the obtained data.

Despite asserting that it used “holistic” and “industry-leading security,” the company’s implementation of inadequate security measures resulted in the compromise of customers’ personal information.

Samsung was a victim of the Lapsus$ cybergang in early 2022, which boasted of stealing 190 Gb of data from the tech giant. Over 6,000 secret keys, including private keys, login information, and AWS, GitHub, and Google keys, as well as source code for Galaxy device-related software were among the stolen material.

The lawsuit states that Samsung’s assertions that only “source code related to the operation of Galaxy devices” was leaked during the incident “minimized entirely the impact of this first data breach”.

A hack that targeted Samsung in July 2022 led to the compromise of US consumers’ personal information. The lawsuit asserts the incident may have been avoided.

According to the complaint, “It is believed that greater than half of Samsung’s U.S. consumers had their [personal identifiable information] compromised in the breach,”

The incident, according to the lawsuit, exposed the affected people to several attacks, such as identity theft, phishing, dual-authentication frauds, and more.

Shelby Holtzclaw and Naeem Seirafi, two Samsung customers, are suing the firm, requesting that it notify all impacted customers, enhance its security procedures, and compensate victims financially.