Samsung Portable SSD T3 drive

Researchers from Radboud University discovered security flaws in data storage devices, including the Samsung SSD T3 drive. There could be a way for malicious experts with direct physical access to your SSD (e.g. in case of lost or theft) to bypass the encryption protection and access your data. The chance this happens is currently very small, but is likely to increase and therefore the Faculty Board requires all Samsung T3 SSD drives to be updated. 

There are 2 ways to implement this necessary firmware update:

  1. Perform the firmware update yourself. This can only be done on a Windows pc/laptop with admin rights.
    Most UT PCs don’t have this (except if it is provided on your request), but you can also do it on your own private Windows PC/Laptop (where you usually have admin rights). To do so, please check the Instruction_firmware_update and update as soon as possible to avoid being held accountable for a possible data breach.
  2. If you don’t have accessibility to a Windows based pc/laptop with admin rights or have a MAC you need to come to one of the SSD drive firmware update sessions in Ravelijn or Cubicus building. Check the schedule below for dates & times help is available.  

IMPORTANT: Please make sure you SSD drive does not contain any data before you update the firmware or come to one of the update sessions.

Schedule for help (option 2) with implementing the Firmware update

RAVELIJN

CUBICUS

Date, 08:00 – 09:00, Location

Date, 08:00 – 09:00, Location

Date, 12:30 – 13:30, Location

Date, 12:30 – 13:30, Location

Date, 17:00 – 18:00, Location

Date, 17:00  –  18:00, Location

Date, 08:00  – 09:00, Location

Date, 08:00  –  09:00, Location

Date, 12:30 – 13:30, Location

Date, 12:30  –  13:30, Location

Date, 17:00 – 18:00, Location

Date, 17:00  –  18:00, Location

New employee and you do not have a Samsung T3 SSD drive yet?
Please get in contact with ssd-bms@utwente.nl  

Recently lost your Samsung T3 SSD drive?
If you recently lost your SSD which contained sensitive data and you did not (yet) reported that to us or to the CERT-team directly (data breaches), get in contact with us via ssd-bms@utwente.nl immediately.