Technology giant Samsung has confirmed it has fallen victim to a data breach but stressed that no customer data is or was at risk. Nonetheless, the news is likely to concern Samsung customers in the UK and worldwide. It is thought there are now over a billion Samsung smartphones in use globally, with many millions of people owning other Samsung tech, including smartwatches, smart TVs, and headphones.
In this incident, the hackers responsible acquired and leaked 190 gigabytes of Samsung’s confidential data. The stolen data included source code for various Samsung technologies and algorithms for biometric unlocking operations used within Samsung products.
Lapsus$ – a hacking group recently in the news for leaking thousands of Nvidia employee records online – has claimed responsibility for the Samsung data breach via its Telegram channel, where it also posted a torrent file containing the stolen data.
In addition to the data belonging to Samsung, reports also allege the group stole confidential data from Qualcomm, the company that provides processing chipsets for Samsung smartphones sold in the United States.
What are the risks associated with this theft?
Although it may be tempting to assume that leaking source code and algorithms carries a competitive intelligence risk, the most significant problem is what happens if these assets fall into the wrong hands.
Rather than using Samsung’s coding to create their own software, hackers will instead look to identify vulnerabilities within the code and develop a means of exploiting them. Should they achieve this, they could then potentially look to deploy and execute these on Samsung devices via phishing or other means, with the ultimate aim of stealing sensitive data from individuals and potentially businesses and other organisations, too.
Samsung and Qualcomm both release statements
After confirming what it called a “security breach,” Samsung released a statement to US news giant Bloomberg, in which it said: “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees.”
“Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
According to Yahoo! Finance, a Qualcomm spokesperson said: “We take these claims very seriously and are working expeditiously with Samsung to understand the scope of the incident, as well as to confirm what Qualcomm data, if any, has been impacted. We have no reason to believe that Qualcomm systems or security were impacted as a result of this reported incident.”
Background to incident remains unclear
While this incident represents a serious data breach, it is unclear why Lapsus$ targeted Samsung. The hacking group hadn’t, at the time of writing, disclosed whether it had demanded a ransom before leaking the data, and neither Samsung nor Qualcomm has said whether any such demand was received.
Image Credit: Stakon / Shutterstock.com