Hackers have successfully stolen internal company data and source code for Galaxy devices from Samsung, the South Korean tech giant confirmed today.
News of the breach was first reported earlier this month, with a hacking outfit named Lapsus$ claiming responsibility. The group, which recently hacked Nvidia, shared screenshots purportedly showing roughly 200GB of stolen data, including source code used by Samsung for encryption and biometric unlocking functions on Galaxy hardware.
In a statement today, Samsung did not confirm or deny the identity of the hackers, nor whether or not they had stolen data related to encryption and biometrics. But, the company said that no personal data, belonging either to employees or customers, had been taken.
“There was a security breach relating to certain internal company data,” said Samsung in a statement reported by Bloomberg News and SamMobile. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
In the case of the recent Nvidia hack, the hacking group Lapsus$ attempted to blackmail the company, threatening to leak data online unless Nvidia removed cryptocurrency mining limiters from certain GPUs and made the drivers for these video cards open source. It’s not clear if Lapsus$ has made any threats to Samsung trying to extort specific concessions.