In the early hours of this morning, a very large number of Samsung devices around the world received a push notification from the vendor’s Find my Mobile app. That notification simply read “1/1”.
A handful of Reg staffers also received the notification, which caused surprise and concern at Vulture Central – not least because Find my Mobile is disabled on two of those devices.
A pre-installed default Samsung OEM app regarded by some as bloatware, Find my Mobile cannot be fully uninstalled if you don’t plan to format the entire phone with a new third-party ROM – which is a profoundly technical process, and, with modern Samsung devices, requires the user to unlock the bootloader.
Ominously, some Register readers who received the unwanted notification immediately assumed the worst and went into their accounts to change their Samsung passwords only to be confronted by other people’s personal data on the Samsung UK website.
One told us that after seeing other people’s names, addresses and phone numbers displayed in his Samsung Account after logging in using his own details, he phoned the Samsung helpdesk. Our reader said: “When I explained to [the call centre worker] what I saw, he said, ‘Yes, we’ve had a few reports of that this morning’.”
Mark showed us screenshots he had taken, showing himself logged in and someone else’s details being displayed as if they were associated with his account.