Security News > 2022 > March > Lapsus$ extortionists dump Samsung data online, chaebol confirms security breach
Samsung has acknowledged its data was stolen after the Lapsus$ extortion gang deposited what appears to be 190GB of the company's stolen internal files online.
Jake Moore, Slovakian infosec firm ESET's global cyber security advisor, said: "Data breaches like this often have a price tag attached but these bad actors have just gone straight to releasing the data without a ransom note, leaving the targeted victims scrambling around trying to reduce the impact where possible."
So far there is no information about whether Lapsus$ has demanded a ransom from Samsung, as it did with Nvidia after stealing data from the chipmaker and threatening to leak it online unless anti-cryptominer features in GPU firmware were removed from current and future products.
Lapsus$ does not appear to follow the usual ransomware gang method of privately demanding a payoff to prevent data theft and leakage.
The gang, which appeared to align itself to cryptocurrency miners' interests, instead dumps data online as a means of ramping up pressure on its targets to do their bidding.
Data theft and leakage can have unintended consequences even from the attacker's point of view; last week a code-signing certificate included in Lapsus$'s dump from Nvidia was being used to sign Windows malware, according to infosec industry sources.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/03/07/samsung_lapsus_data_theft/
Related news
- UN aviation agency investigating 'potential' security breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- UN aviation agency confirms recruitment database security breach (source)
- Engineering giant Smiths Group discloses security breach (source)
- Australian fertility services giant Genea hit by security breach (source)