Samsung Electronics America might find itself at the receiving end of a class action lawsuit concerning the recent cyberattack confirmed by the company last month. The security breach on Samsung’s network affected over 3,000 customers whose personal information was stolen.
A complaint filed at the US District Court for Nevada a couple of days ago accuses Samsung of not issuing a notification about the data breach in due time. Personal information, including contacts, names, birthdates, demographics, and product registration data, got stolen from thousands of customers in the United States earlier this summer. (via Bloomberg)
Security requires secrecy, but customers should be kept in the loop
The cyberattack took place in June, but Samsung discovered the leak on August 4 and disclosed the issue only about one month later. in September Samsung launched a full investigation in collaboration with “a leading outside cybersecurity firm” and confirmed that it is cooperating with law enforcement on the matter.
Although the company is clearly taking action against the recent data breach, it may have neglected informing its customers in due time, and this may end up costing it. Then again, security flaws are usually kept under wraps until a fix is devised.
Samsung hasn’t disclosed much about the recent security attack. Coincidentally or not, the company recently started updating millions of old Galaxy phones (released in 2014 and later) with a hotfix that came out of nowhere. All of these recent firmware updates released for varying aging phones had something in common: they addressed a GPS issue.