Security News > 2022 > March > Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones.
"According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.
The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within TrustZone, algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcomm.
If the name LAPSUS$ rings familiar, it's the same extortionist gang that made away a 1TB trove of proprietary data from NVIDIA last month, namely employee credentials, schematics, driver source code, and information pertaining to the new graphics chips.
The group, which first emerged in late December 2021, also placed an unusual demand urging the company to open-source its GPU drivers forever and remove its Ethereum cryptocurrency mining cap from all NVIDIA 30-series GPUs to prevent more leaks.
Two code-signing certificates included in cache dump from NVIDIA have been used to sign malicious Windows drivers and other tools often used by hacking crews, namely Cobalt Strike beacons, Mimikatz, and other remote access trojans.
News URL
https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html
Related news
- Dell investigates data breach claims after hacker leaks employee info (source)
- Fortinet confirms data breach after hacker claims to steal 440GB of files (source)
- A data leak and a data breach (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Payment gateway data breach affects 1.7 million credit card owners (source)
- 23andMe to pay $30 million in genetics data breach settlement (source)
- AT&T pays $13 million FCC settlement over 2023 data breach (source)
- Temu denies breach after hacker claims theft of 87 million data records (source)