Samsung confirmed on Monday that some of its data had been stolen in a cyberattack first reported over the weekend. In a statement to Bloomberg, the Korean electronics giant revealed that a security breach saw “source code related to the operation of Galaxy devices” taken but that customer and employee credentials were not affected.
Although Samsung has not revealed the actors behind the compromise, the South American hacking group Lapsus$ has claimed responsibility. The organisation shared a 190GB torrent file that reportedly includes the bootloader source code for all recent Samsung devices, as well as code related to biometric authentication and on-device encryption for Galaxy phones and tablets. The attackers may also have gained access to confidential data related to Qualcomm.
The admission comes less than a week after the same group said it obtained about 1TB of data, including schematics and source code, from chip giant NVIDIA. The company said it became aware of the attack on 23 February, after which Lapsus $ had demanded a ransom paid in crypto-currency to prevent NVIDIA’s files from becoming public. When NVIDIA failed to respond, the source code for the company’s DLSS technology and information about as many as six unannounced graphics cards were shared online.
“At this time, we do not anticipate any impact to our business or our customers. We have put measures in place to prevent further incidents of this type and will continue to serve our customers without interruption,” Samsung later confirmed in its statement. It is not known if Lapsus $ has issued the same crypto-currency requests to Samsung, but we have contacted the company for clarification.
Leave a Reply