First it was Nvidia, now Samsung Electronics Co. has been affected by a security breach. LAPSUS$, a hacking group had gained access to Samsung data. Bloomberg reported that the LAPSUS$ group posted a 190GB torrent file to its Telegram channel. The group claimed that the torrent file contained confidential Samsung Galaxy source code. The group listed algorithms for Samsung smartphone biometric authentication and bootloader source code to bypass some operating systems controls. LAPSUS$ claimed this exposed Samsung’s device security systems. Bleeping Computer reported that LAPSUS$ split the leaked data in three compressed files that add to almost 190GB and made them available in a torrent, with more than 400 peers sharing the content.
Samsung confirms consumer data was not compromised
Samsung released a statement where it confirmed that there was a security breach relating to certain internal company data. The company reached out to platforms like Bloomberg and Sam Mobile with an official statement: “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
Should you be concerned?
Samsung’s clarification confirms that personal information of consumers has not been stolen. The likelihood of another security breach is low given the company has clarified that it has implemented internal security measures. It’s still a good idea for you to modify your passwords on any Samsung services that you might use.
It’s not the first ransomware attack staged by LAPSUS$
The security breach at Samsung comes hot on the heels of the attack on Nvidia. More than a week ago LASUS$ claimed to have taken a terabyte of data from chipmaking giant Nvidia. TechCrunch reported that LASUS$ is threatening to release the company’s “most closely-guarded secrets” unless it meets the gang’s increasingly bizarre demands. LAPSUS$ has already started leaking data. The hackers have stolen credentials of more than 71,000 Nvidia employees. The hackers are now threatening to release Nvidia’s trade secrets, including schematics, source code and information on recent Nvidia graphics chips, including the as-yet-unannounced RTX 3090 Ti, unless Nvidia meets the group’s bizarre demands.