Security News > 2022 > March > Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones.
"According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.
The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within TrustZone, algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcomm.
If the name LAPSUS$ rings familiar, it's the same extortionist gang that made away a 1TB trove of proprietary data from NVIDIA last month, namely employee credentials, schematics, driver source code, and information pertaining to the new graphics chips.
The group, which first emerged in late December 2021, also placed an unusual demand urging the company to open-source its GPU drivers forever and remove its Ethereum cryptocurrency mining cap from all NVIDIA 30-series GPUs to prevent more leaks.
Two code-signing certificates included in cache dump from NVIDIA have been used to sign malicious Windows drivers and other tools often used by hacking crews, namely Cobalt Strike beacons, Mimikatz, and other remote access trojans.
News URL
https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html
Related news
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- Iranian hackers charged for ‘hack-and-leak’ plot to influence election (source)
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)