Samsung has today confirmed it has been hacked. However, it didn’t provide any information about who was behind the attack, nor about what data was stolen exactly.
What it did say – and this will come as relief to millions of worried Samsung users – that no personal data was stolen during the hack. Specifically, Samsung told Sammobile about the incident in an official statement:
“We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system. According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
According to a report by Bleeping Computer, the South American hacker group Lapsus$ is responsible for the hack. The group made headlines for hacking Nvidia and releasing 20GB of data (from 1TB stolen) a week ago.
The 190GB stolen from Samsung has been posted online and contains confidential information not intended for the public. This includes the source code of the bootloader of newer Samsung devices, the source code of Samsung’s activation servers, confidential source code from Qualcomm and the code that Samsung uses to authorise and authenticate users’ Samsung accounts, including all APIs and services.
More worryingly, the hackers claim the data includes the source code for Knox. This is Samsung’s security platform for corporate data used on all its Galaxy devices.
Lapsus$ leaked all 190GB in three compressed files, which are available as a single torrent file. The group threatens to increase the number of peers, which should allow the stolen data to be downloaded even faster.
An analysis of the data distributed via torrent revealed that the package also includes a readme file that lists the more detailed contents of the three files packaged using the 7-Zip application.
According to Bleeping Computer, it is still unclear whether Lapsus$ will blackmail Samsung, as it has done with Nvidia. It has held off releasing any more data from the hack as it is reportedly negotiating with a buyer.
It isn’t known whether Lapsus$ had contacted Samsung and asked for money before the data was published.
This article originally appeared on PC Welt in German. Translation by Jim Martin