Samsung admits to an accidental customer data leak after mysterious Find My Mobile '1' notification [Updated]

Samsung logo at CES 2019
Samsung logo at CES 2019 (Image credit: Android Central)

What you need to know

  • Samsung suffered from a data leak last week as a side effect of an internal test.
  • Customers were temporarily able to view sensitive data belonging to other customers whole logged into their own accounts.
  • The firm will notify affected customers as soon as it can with more details.

Samsung has admitted to inadvertently causing a data leak last week as part of an internal test. For context, last week users of the firm's smartphones were bewildered to wake up to a notification simply reading "1".

On Twitter, Samsung UK attributed the notification to a test of sorts.

That wasn't the only issue users faced. At the same time, some other users reported that they could access the details of other users, including the last four digits of payment cards, names, and addresses when signed into their own individual accounts. As you can imagine, that's a serious data leakage for the affected users.

Speaking to The Register, a Samsung spokesperson gave the following statement:

A technical error resulted in a small number of users being able to access the details of another user. As soon as we became aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed. We will be contacting those affected by the issue with further details.

It's not exactly clear how this is linked to the mystery "1" notification but it probably has something to do with whatever internal test triggered the notification. It's also not clear what a "small number" is. Does Samsung mean a small percentage of its users or an absolute small number? The difference between that is vital for understanding just how widespread it was.

Whether we learn more details about this leak or not depends on what information the firm eventually forwards to affected customers.

Samsung confirmed to Sammobile that there was no link between the two situations other than temporal. It was a simple conincicence. The firm has also clarified the small number of customers that were affected, pinning the number as only 150. In other words, nothing too bad.

SlickWraps' website is full of vulnerabilities — and they don't seem to care

Michael Allison