Samsung confirms data breach after a major hack

Last week, the Lapsus$ hacking group made headlines for its attack on Nvidia that revealed company secrets. The group is now holding another electronics giant ransom.

Samsung has revealed that it has had a security breach after hackers obtained and leaked nearly 200 gigabytes of confidential data. This leak included source code for technologies as well as algorithms for biometric unlock operations.

In a similar fashion to the Nvidia incident, Lapsus$ took credit for the hack on its Telegram channel. In the announcement, the group claimed to have taken the source code for trusted applets installed in Samsung’s TrustZone environment.

One of the most concerning elements of this attack is its reach. It’s not only Samsung who will be impacted, US chipmaker Qualcomm who provides technical hardware for Samsung phones has also had its data compromised.

There are concerns that with this data, groups could find vulnerabilities in devices and endanger the safety of users.

Despite the claims of Lapsus$, Samsung has yet to comment on the group responsible for the attack.

Comments on the situation

On the back of this breach, Samsung told Bloomberg: “There was a security breach relating to certain internal company data.

“According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”

A Qualcomm spokesperson told TechCrunch about their company’s stance on the incident: “We take these claims very seriously and are working expeditiously with Samsung to understand the scope of the incident, as well as to confirm what Qualcomm data, if any, has been impacted. We have no reason to believe that Qualcomm systems or security were impacted as a result of this reported incident.”

At the moment, Lapsus$ has not asked for any money from Qualcomm or Samsung, although they did command a financial transaction from Nvidia. Instead, they asked Qualcomm to disable its Lite Hash Rate (LHR) feature and told the company to open-source (publish the details of) its graphics chip drivers for macOS, Windows, and Linux devices. This request is not dissimilar to the ask for open-source product information from Nvidia.

In the case of the Nvidia ransom, the hackers threatened to leak information on March 4 unless the company met its tall demands. Nvidia did not comply with the order but the hackers failed to leak the information.