Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.
As first reported by BleepingComputer, the data extortion group Lapsus$ leaked at the end of last week close to 190GB of archives claiming to have been stolen from Samsung Electronics.
Less than a week before, the same group released 20GB of archived documents from Nvidia that the attackers claimed is part of a 1TB cache of data they stole following a week-long access to the company’s network.
Hackers have Samsung source code
Lapsus$ shared the data they claim to be from Samsung along with a description of the contents. If the summary is accurate, Samsung has suffered a major data breach and details of many of its technologies and algorithms are now public.
This reporter reached out to Samsung, in North America and South Korea, numerous times over the weekend for a comment about the leak and the data allegedly stolen from the company but did not receive a response.
In a statement today, the company confirmed to Bloomberg that “certain internal company data” became available to an unauthorized party following a security breach.
The company representative did not say if the intruders made any demands before leaking the proprietary information, as it happened in the case of the Nvidia leak.
Lapsus$ said that they are delaying leaking the rest of the Nvidia information because they are negotiating with a buyer.
The cache leaked from Samsung is much larger and allegedly includes details about the company’s Trusted Applet in Samsung’s TrustZone environment responsible for sensitive tasks such as hardware cryptography, binary encryption, and access control.
The hackers also claim that the dump includes source code for Knox, Samsung’s proprietary security and management framework present on most of its devices.