Samsung Electronics confirmed it has been a victim of a cyberattack, with hacking group Lapsus$ leaking nearly 190GB of confidential data that allegedly includes “source code relating to the operation of Galaxy devices.”
Speaking to Bloomberg, Samsung states the data breach will not impact its business or its customers, according to the initial analysis. The stolen data does not include the “personal information of our consumers or employees,” the tech giant confirms.
As spotted by Bleeping Computer, Lapsus$ claims to have leaked confidential information in the 190GB data dump, such as source code for Knox, Samsung’s security and management framework in its Galaxy devices, along with details about its Trusted Applet in the company’s TrustZone environment. This manages tasks including access control, binary encryption and hardware cryptography.
The malicious hacker group also states it has confidential source code from Qualcomm, along with details on Samsung’s online services, including Samsung Account source code such as “Authentication, Identity, API, Services” and more.
The report also includes a message from the group about the leak:
The Samsung representative did not state whether the group required demands for the leak. However, Samsung states, “we have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
The Samsung data dump comes after another cybersecurity breach at Nvidia by the same group, releasing 20GB of data from the technology company that’s reportedly a small part of a much larger 1TB of data stolen. Lapsus$ claimed to have had week-long access to Nvidia’s network, according to Bleeping Computers.
Massive data leaks have been a common occurrence over the past few years, with Microsoft suffering from a cyberattack last year, too. It’s important to keep yourself safe online, and a few of the best ways to do so is to sign up to one of the best password managers, along with setting up one of the best VPN services.