Interesting comments from Samsung
The technology company said the error affected only its U.K. website at http://samsung.com/UK and affected fewer than 150 customers.
People who logged on were able to see someone else’s name, phone number, address, email address and previous orders. Samsung said it did not leak card details.
This is a bizarre response. Credit card information aside, this constitutes a breach under GDPR guidelines. It will be interesting to understand how the ICO will respond to this