Samsung appears to have been the victim of a massive hack, leading to approximately 190GB of data being leaked. This could be a huge deal for Samsung, as the data is alleged to contain lots of company information.
Update, 3/7/22 11:12 am Eastern: Samsung confirmed to Bloomberg (Via SamMobile) that it was hacked. Here’s what a company spokesperson said:
We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system. According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.
The hack was performed by Lapsus$, which comes shortly after the group stole a whopping 1TB of data from Nvidia, of which the group released 20GB in a document.
This time, Lapsus$ released the data through a torrent with more than 400 peers sharing the content. It’s not clear at this point if the group asked Samsung for ransom before it released the data. The group said the leak contains “confidential Samsung source code,” which is obviously not something the company wants to have out there.
According to BleepingComputer, the leak contains source code for every Trusted Applet installed in the TrustZone environment, algorithms for all biometric unlock operations, bootloader source code for all recent Samsung devices, confidential code from Qualcomm, source code for Samsung’s activation servers, and complete source code for technology used for authorizing and authenticating Samsung accounts.
That’s a lot of data, but thankfully, it doesn’t appear the hackers were able to steal any user data, so if you’re a Samsung customer, your information should be safe.
Samsung hasn’t responded to the validity of the leak yet despite multiple outlets reaching out to the firm for comment. We’ll have to wait and see if the company addresses the situation or not.