Samsung Electronics has learned that its network has been compromised and hackers have stolen sensitive information, including source code present in Galaxy smartphones.
Data heist group Lapsus$ has leaked nearly 190 GB of archives believed to have been stolen from Samsung Electronics.
A week earlier, the same group released 20 GB of archived documents from Nvidia, which the attackers claimed were part of a 1 TB data cache they stole after accessing the company’s network for a week.
Lapsus$ has released data purportedly from Samsung, along with a description of its contents. If the summary is accurate, Samsung suffered a massive data breach that has exposed many details of its technology and algorithms.
The company issued a statement to Bloomberg confirming that “certain internal corporate data” was obtained illegally as a result of the security breach.
Our initial analysis indicates that the case involves some source code related to the operation of Galaxy devices, but does not involve personal information of our consumers or employees
Company officials did not say whether the intruder made any demands before releasing the proprietary information, as in the Nvidia breach.
Lapsus$ is delaying the leak of the rest of Nvidia’s information because they are negotiating with the buyer
The cache leaked from Samsung is much larger and reportedly contains details about the company’s Trusted Applet in Samsung’s TrustZone environment, which is responsible for sensitive tasks such as hardware encryption, binary encryption, and access control.
The hackers also claim that the dump contains Knox source code. Samsung’s proprietary security and management framework seems to be present in most of its devices.
Comments