Some of Samsung’s confidential data has reportedly been leaked due to an alleged cyber attack. On Friday, the South American hacking group Lapsus$ downloaded a trove of data that it claimed came from the smartphone maker. Bleeping Computer was among the first publications to report on the incident.
Among other information, the collective claims to have obtained the source code for the bootloader for all of Samsung’s recent devices, in addition to code related to highly sensitive features such as biometric authentication and encryption on the device. The leak also reportedly includes confidential data from Qualcomm. The entire database contains approximately 190GB of data and is being actively shared in a torrent. If the contents of the leak are accurate, it could cause significant damage to Samsung.
According to The Korean Herald, the company is assessing the situation. We have contacted Samsung for comment.
If Lapsus$ sounds familiar, this is the same group that claimed responsibility for the recent NVIDIA data breach. In that incident, Lapsus$ says it obtained about 1TB of confidential data from the GPU designer, including, according to the group, schematics and driver source code.
The collective has asked NVIDIA to open up its drivers and remove the cryptocurrency mining limiter from its RTX 30 series GPUs. It is not known what demands, if any, Lapsus $ has made of Samsung. The group has previously stated that its actions were not politically motivated.