Samsung confirmed that hackers have successfully stolen internal company data and confidential Samsung source code for Galaxy devices. However, The company assures that no personal data was leaked and all possible measures have been taken to prevent further data breaches. Samsung has not revealed whether the hacking group has made any demands, before publishing the data online
Lapsus$ hacking group took the responsibility for stealing confidential Samsung source code
The South Korean electronics giant confirmed data breaches after hacking group Lapsus$ claimed via its Telegram channel that it has stolen 190 gigabytes of confidential Samsung source code. A spokesperson from Samsung said; “We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system.”
The statement further added; “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact on our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.” The hackers’ group shared screenshots showing around 200GB of stolen data, including source code used by Samsung for encryption and biometric unlocking functions on Galaxy hardware. The hackers claimed that the dump includes source code for Knox, Samsung’s proprietary security and management framework present on most of its devices.
Nvidia hacked by same hackers group
Lapsus$ was also responsible for the massive security breach at Nvidia. The group stole around a terabyte of corporate data during a ransomware attack and threatened to release it if Nvidia didn’t remove its cryptocurrency mining limiter (LHR) from its RTX 30-series video cards. Nvidia refused to do so, and the group has since issued another demand and claims that it will release even more data if Nvidia doesn’t comply. However, or is still not yet clear whether Lapsus$ demanded a ransom from Samsung before leaking the data, as it did with Nvidia.
Source: Tech Crunch