Update, February 25, 2020 (03:30 PM ET): Samsung reached out to Android Authority regarding the Samsung data breach as described in the article below. It turns out that the data breach and the Find My Mobile notification are two separate problems.
The Find My Mobile notification — in which users randomly saw a strange notification on their phone — was not the result of a data breach. According to the company, this was the result of a mistake during some internal testing. Samsung still hasn’t explained how users with the Find My Mobile app disabled saw the notification, though.
Meanwhile, the UK version of Samsung.com did see a data breach. This breach affected a very small number of users (less than 150) with their names, telephone numbers, postal and email addresses, and previous orders accessible by third-party individuals. However, credit card info was not accessible.
The company will reach out directly to users affected by this Samsung data breach.
Original article, February 24, 2020 (10:47 AM ET): Last week, some Samsung smartphone owners saw a strange “1/1” push notification on their phones. The notification came from an app called Find My Mobile, a proprietary tool that allows you to connect with your device should it get lost or stolen. Turns out, this notification was the result of a Samsung data breach.
This goes against what Samsung claimed shortly after news of the notification started making the rounds in the media. The company called the errant notification the result of “an internal test” and there would be “no effect on your device.” However, that doesn’t appear to be the case anymore.
According to a statement provided to The Register, the notification stemmed from a Samsung data breach that resulted in “a small number of users being able to access the details of another user.” Here’s the text provided by The Register:
A technical error resulted in a small number of users being able to access the details of another user. As soon as we became of aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed. We will be contacting those affected by the issue with further details.
This Samsung data breach becomes even more concerning due to reports that some users who saw the weird notification had Find My Mobile disabled. You can’t uninstall the app without rooting your phone but you can disable it, which should mean that it is not functional. The existence of the notification on phones with a disabled app is pretty concerning.
As of now, the best thing you can do in response to this Samsung data breach — regardless if you saw the notification or not — is change your Samsung account password. Hopefully, Samsung will provide additional info soon.