This article was published 3 yearsago

Once again, one of the leading tech companies of the world has found itself to be the victim of a security breach. Earlier, it was Nvidia, and now, it is Samsung.

That’s right, the South Korea-headquartered Samsung suffered a security breach after hackers made off with internal company data, including the source code for the operation of the Galaxy smartphones. The same group that leaked Nvidia’s sensitive data – including employee credentials and proprietary company information – is responsible for the cybersecurity breach at Samsung as well.

The Lapsus$ hacking group has claimed to have successfully obtained the source code for trusted applets installed in Samsung’s TrustZone environment. The same is used by Samsung’s phones to perform sensitive operations, algorithms for all biometric unlock operations, and bootloader source code for all recent Samsung Galaxy devices.

For the uninitiated, if you have access to source code, you can identify security vulnerabilities that may be hidden. Consequently, this can also be used as a backdoor for the exploitation or exfiltration of data. Unlike the Nividia breach, it is not confirmed whether Lapsus$ demanded a ransom from Samsung before leaking the data. For its part, the company has confirmed the breach.

Lapsus$ seems to have posted a 190GB torrent file on its Telegram channel on Friday. At the same time, it claimed that it contained confidential Samsung source code that exposed the company’s device security systems. Confidential data from Qualcomm is also said to be included in the stolen data, though this has not been verified as spokespersons for Qualcomm did not immediately respond to comments.

While Samsung neither confirmed nor denied the identity of the hackers, it did confirm the security breach and assured the masses that no personal data belonging to customers or employees had been stolen by the hackers.

Furthermore, the company has already started to take measures to prevent more such breaches in the future.

“There was a security breach relating to certain internal company data,” the company said. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact on our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”