Samsung Fails Consumers in Preventable Back-to-Back Data Breaches, According to Federal Lawsuit

Company unnecessarily collected consumers' personal data and failed to safeguard it, suit alleges, leading to two back-to-back data breaches.

September 26, 2022

2 Min Read


OAKLAND, Calif., Sept. 23, 2022 /PRNewswire — Earlier this month, two Samsung users, Shelby Holtzclaw and Naeem Seirafi, fired a class action lawsuit at Samsung Electronics of America, accusing the company of unnecessarily collecting consumers' personal data and failing to safeguard it.

Represented by powerhouse public interest firm, Clarkson Law Firm, the Plaintiffs further allege that Samsung failed to take appropriate protective measures leading to two back-to-back data breaches. Samsung then exacerbated the problem, according to the lawsuit, by neglecting to inform consumers whose data may have been compromised. The 43-page complaint asserts that Samsung violated consumer protection laws in all 50 states.

According to the lawsuit, Samsung disabled functions and features of its electronics like TVs and printers unless consumers submitted personal identification data like their home address and date of birth. Samsung then stored, monitored, and sold that data without adequately securing it, despite having assured its customers that "security and privacy are at the core of what we do and what we think about every day." Samsung allegedly touted that it was "protecting users' security and privacy at all times" via "holistic" and "industry-leading security." However, the lawsuit claims the tech giant's deficient security measures led to two data breaches and distribution of consumers' private, personal information.

The first breach allegedly occurred in April 2022 when confidential data was accessed, stolen, and published online. Samsung reassured customers that the leak only included "some source code relating to the operation of Galaxy devices" which the Plaintiffs assert "minimized entirely the impact of this first data breach." A preventable second attack then occurred when personal identification data was allegedly stolen by an "unauthorized third party." According to the complaint, "It is believed that greater than half of Samsung's U.S. consumers had their [personal identifiable information] compromised in the breach."

The plaintiffs allege that Samsung consumers have been left vulnerable to phishing scams, identity theft, and dual-authentication scams, requiring them to spend time, energy, and money on extra security protocols like credit monitoring.

Holtzclaw and Seirafi are demanding that Samsung notify all consumers whose data was stolen, improve their security systems, and compensate victims for the financial harm they've sustained.

The case is pending in the United States Federal District Court for the Northern District of California, Case Number 3:22-cv-05176. Visit for updates.

SOURCE: Clarkson Law Firm, PC

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights