Samsung Confirms Hackers Breached Company Data, Galaxy Smartphones Source Code
It has been confirmed on Monday that Samsung Electronic Co. suffered a security breach that leaked the company’s internal data including the source code, which was meant for operating the Galaxy Smartphones.
As per the statement, it has been claimed that LAPSUS$, a very famous hacking group, which also stole the information from Nvidia Corp. did the same with Samsung. The company has confirmed the same and added that they have gained the access to Samsung. But the company has not compromised the identity of the hackers who did the same.
Although it has been claimed by the company that there are no breaches in the personal data of the customers and talking about the further danger they denied that too. Samsung added,
“There was a security breach relating to certain internal company data According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact on our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
The LAPSUS$ is known as a very dangerous hacker group that infiltered all the data of Nvidia and published the credential of a large number of employees online. This time also the same hacker group breached Samsung’s confidential data.
They even posted on LinkedIn about the same claiming that they have obtained the source code for trusted applets which are installed in the Samsung’s TrustZone environment and is used for performing sensitive operations in the mobile phones along with bootloader source code for all recent Samsung Galaxy devices and algorithms for all biometric unlock operations.
It has also been detected that the stolen data includes confidential data from U.S. chipmaker Qualcomm, which is known for supplying chipsets for Samsung smartphones. It is also being said that by hacking this data the hackers can threaten, the actors by finding the vulnerabilities in the security or using the system for data exploitation.
However, Samsung said nothing about the same but according to them, they said in the statement that though there has been a security breach it is only the company’s internal data but not the personal belonging of the customers.
When asked by Qualcomm their spokesperson Clare Conley added that
“We take these claims very seriously and are working expeditiously with Samsung to understand the scope of the incident, as well as to confirm what Qualcomm data, if any, have been impacted. We have no reason to believe that Qualcomm systems or security were impacted as a result of this reported incident.”
Moreover, the hacker group Lapsus$ has not made any demand from Samsung, which they did from Nvidia. In the ransom from Nvidia, Lapsus$ did many bizarre demands. According to Samsung, they are not clear why this breach has been done as they have not received any ransom or deemed from the hackers.