Security News > 2022 > March > Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones.
"According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.
The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within TrustZone, algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcomm.
If the name LAPSUS$ rings familiar, it's the same extortionist gang that made away a 1TB trove of proprietary data from NVIDIA last month, namely employee credentials, schematics, driver source code, and information pertaining to the new graphics chips.
The group, which first emerged in late December 2021, also placed an unusual demand urging the company to open-source its GPU drivers forever and remove its Ethereum cryptocurrency mining cap from all NVIDIA 30-series GPUs to prevent more leaks.
Two code-signing certificates included in cache dump from NVIDIA have been used to sign malicious Windows drivers and other tools often used by hacking crews, namely Cobalt Strike beacons, Mimikatz, and other remote access trojans.
News URL
https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html
Related news
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- How to Effectively Manage a Data Breach (source)
- Nokia says hackers leaked third-party app source code (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Ford investgates alleged breach following customer data leak (source)