Monday, July 4, 2022
HometechSamsung Confirms Data Breach Includes Source Code for Galaxy Smartphones

Samsung Confirms Data Breach Includes Source Code for Galaxy Smartphones

Samsung has suffered a cybersecurity breach, the company revealed on Monday. The South Korean technology giant explained that the breach resulted in the exposure of internal company data. Some of the data that was exposed to the hacking group included the source code for Samsung Galaxy smartphones, but personal data of customers or its employees was not affected. The Lapsus$ hacking group had previously claimed responsibility for the breach. The company said it has taken measures to prevent breaches in the future.

On Monday, Samsung confirmed in a statement to Bloomberg News that it had suffered a cybersecurity breach, relating to certain “internal company data”. The company has not identified the group behind the hacking in the statement. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers,” Samsung explained in the statement.

Last week, hacking group Lapsus$ claimed responsibility for an attack on Samsung, then uploaded a snapshot of the company’s software gained from the attack online. The data exposed in the breach is said to include up to 190GB of data — including algorithms for bootloader source code and mobile biometric authentication — which has been uploaded as a torrent, according to a report by BleepingComputer. Lapsus$ previously claimed responsibility for a cyberattack on Nvidia, publishing a 20GB archive out of 1TB of data stolen from the GPU manufacturer.

Previously, the Lapsus$ hacking group had reportedly attempted to extort Nvidia, threatening to leak the company’s data unless it open sourced its graphics drivers and disabled the limits on cryptocurrency mining on certain GPUs. Samsung has not revealed whether the hacking group made any demands, before publishing the data online. However, the company stated that the compromised data does not include the personal information of consumers of employees. “We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption,” the company said its statement to Bloomberg.