Hacked! Samsung says hackers breached company data, Galaxy source code

tech.hindustantimes.com:

Samsung Electronics Co. suffered a cybersecurity breach that exposed internal company data, including source code for the operation of its Galaxy smartphones, the company said on Monday.

The statement came after a claim over the weekend that LAPSUS$, a hacking group that stole proprietary information from Nvidia Corp.’s networks, had gained access to Samsung data. The Korean electronics giant did not identify the attackers who compromised its systems. Measures to prevent further breaches have been put in place, a spokesperson said via text message, and customers’ personal data was not affected.

“There was a security breach relating to certain internal company data,” Samsung said. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”

The LAPSUS$ hackers posted a 190GB torrent file to their Telegram channel late Friday, claiming it contained confidential Samsung source code that exposed the company’s device security systems. Among the items listed were algorithms for Samsung smartphone biometric authentication and bootloader source code to bypass some operating system controls.