Samsung on Monday confirmed that the company recently suffered a cyberattack, but said that it doesn’t anticipate any impact on its business or customers.
A week after it was revealed that Nvidia was hit with a cyberattack, the same cybercriminals claim to have leaked almost 190GB of data from Samsung.
According to a report from Bleeping Computer, extortion gang Lapsus$ posted a note to say the leaked data includes “confidential Samsung source code” originating from a breach.
The data is said to include source code for Trusted Applets used by the TrustZone environment, boot loaders for recent Samsung devices, and technologies associated with Samsung accounts.
The hackers claimed the “confidential Samsung source code” breached relates to the company’s biometric authentication, bootloader source code and more.
LAPSUS$ claims to have leaked “confidential source code from Qualcomm,” too, as well as “algorithms for all biometric unlock operations.”
In a statement to Bloomberg, Samsung confirmed a breach of “certain internal company data,” which “involves some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees.”
“According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption,” said Samsung in its statement.
Hacking group Lapsus$ also claimed last month that it had stolen 1TB data from GPU giant Nvidia, while also posting snapshots of some of the data online.