Hackers are able to access the private information of some Galaxy S4, S5, and S6 users through a vulnerability in the devices' pre-installed SwiftKey keyboard predictive text technology, according to the report from U.S. based security firm NowSecure.
Welton said the company began issuing patches to mobile providers at the start of 2015. He said it was unknown whether some carriers provided the patches and how many devices may still be vulnerable.
The security hole occurs when the device's keyboard updates -- giving hackers who are in the right place at the right time the opportunity to infiltrate a vulnerable device, according to NowSecure's research.
A Samsung spokesperson told ABC News in an email the coming "takes emerging security threats very seriously."
"Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days," the spokesperson said. "In addition to the security policy update, we are also working with Swiftkey to address potential risks going forward.”
"We supply Samsung with the core technology that powers the word predictions in their keyboard," a statement posted on SwiftKey's website today said. "It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this important security issue."
NowSecure recommends Galaxy users protect themselves by avoiding unsecured WiFi networks and asking their mobile provider for information about a security patch.