Samsung confirms Galaxy source code breach but says no customer information was stolen
On Monday, Samsung confirmed that the company had suffered from a cyberattack allegedly perpetrated by the Lapsus$ threat actor. However, Samsung states that it does not believe any customer information was stolen during the breach. Lapsus claimed to have taken 190GB of confidential data, including source code, from Samsung. Lapsus is a Latin American hacking group that typically posts proof of the data theft on a leak site or other dark web forums. Samsung has not identified Lapsus as the group behind the attack.
Samsung conducted an initial investigation into the breach, finding that it involved some source codes related to Galaxy devices, however, the information obtained by the threat actor does not appear to pertain to employees or customers. Samsung has reportedly implemented additional measures to ensure that it is better protected in the future. Samsung declined to answer whether it had received a demand for payments. Last month, Lapsus$ also claimed to have hacked into GPU giant Nvidia, stealing 1 TB of data. In this instance, the threat group also claimed to post snapshots of the data online.