Samsung confirms hack while alleged bad actors leak 190GB of data from the breach
Samsung has confirmed that it suffered a cybersecurity breach where hackers stole internal company data, including source code for its Galaxy devices. The attackers appear to be Lapsus$, the same group who recently targeted Nvidia, though Samsung has not verified this.
The alleged hackers, Lapsus$, posted a 190GB torrent file to their Telegram channel on March 4th. The bad actors claimed that this contained Samsung’s confidential source code, which meant that the company’s device security systems were compromised.
Included in the source code were the algorithms used for biometric authentication and on-device encryption for Galaxy smartphones and tablets. Also in the leak was bootloader source code which can bypass some OS controls.
The company has stated that the personal information of customers and employees was not stolen during the attack. Samsung also noted that the breach would not impact customers in any way and that additional security measures have been put in place to prevent further hacks.
During the Nvidia hack, Lapsus$ attempted to blackmail the company by threatening to leak the stolen data. It is unclear if the group made similar threats to Samsung before publicly posting the file.