Hackers steal sensitive data from Samsung

Hackers infiltrated Samsung's internal company data on Monday, accessing some of the company's source codes for Galaxy-branded devices, the company said.

After hackers accessed and exposed about 200 terabytes of secret data, including source code for several of its technologies and algorithms for biometric unlock operations, the company acknowledged the security incident.

The announcement comes after the hacking organization Lapsus$ claimed on its Telegram channel over the weekend that it had obtained 190 gigabytes of confidential source code from Samsung. Lapsus$ is the same group that reportedly penetrated Nvidia, leaking thousands of worker credentials online. The group alleged to have retrieved source code for trusted software applications installed in Samsung's TrustZone environment, which are used in Samsung smartphones for sensitive operations, algorithms for all biometric unlock operations, and bootloader source code for all recent Samsung Galaxy devices, according to TechCrunch.

The Galaxy brand includes Samsung's consumer electronics, such as smartphones and tablets. According to the company, there will be no impact on its business or customers.

In its statement, the tech giant did not mention any specific hacking group or specify what data was stolen.

“We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system,” a Samsung spokesperson told CNBC. “According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees.”

Accessibility to source code could aid threat actors in identifying vulnerabilities that would otherwise go undetected, possibly exposing vulnerable devices or systems to exploit or data theft. The stolen data purportedly contains proprietary information from Qualcomm, a US chipmaker that supplies chipsets for Samsung handsets sold in the US.

“We take these claims very seriously and are working expeditiously with Samsung to understand the scope of the incident, as well as to confirm what Qualcomm data, if any, has been impacted. We have no reason to believe that Qualcomm systems or security were impacted as a result of this reported incident,” said Qualcomm spokesperson Clare Conley.

It's unclear whether Lapsus$ wanted a ransom from Samsung before publishing the information, like it did with Nvidia's increasingly odd requests. The group urged that Intel disable its contentious Lite Hash Rate (LHR) feature and open-source its graphics chip drivers for macOS, Windows, and Linux devices.

Although the deadline passed on Friday, the hacker gang has yet to carry out its threat.