MediaTest Digital, a company which tests security of mobile devices and software, was able to elicit sensitive user data from Samsung accounts. Names, email addresses, and passwords were all at risk.
MediaTest took the news to Heise Security - a tech news outlet based in Germany. The media was able to confirm that the hole did in fact exist by extracting user's private data from Samsung accounts as well. Heise took this information to Samsung, and the Korean manufacturer responded to the problem immediately. Only 5 days after receiving the report, the Korean giant announced publicly that the security hole has been fixed. There is no word on follow up tests to verify whether or not the patch has actually been made though.
MediaTest was able to find the chink in Samsung's digital armor by connecting to the same WiFi network as the Galaxy S4 and Galaxy Tab 3. What makes this such a harrowing breach is that if someone were to gain access to a person's Samsung account, not only would they have access to that user's personal information, but they would also be able to record and track a user's movements and see all of the locations that they've recently visited. Additionally, they can lock a user out of their device and redirect calls.
To be on the safe side, Samsung users should reset their passwords. You can do that right now by visiting the Samsung Account site.