There was a massive Samsung hack, but your personal data is safe

Hackers managed to steal several gigabytes worth of internal company data from Samsung, the South Korean corporation confirmed on Monday.

Over the weekend, the Lapsus$ hacking group shared a note revealing the contents of their hack. The screenshots suggest that the group was able to obtain around 190GB of data. The data includes the source code for Galaxy devices, algorithms for its biometric authentication, repositories from Samsung’s GitHub, and much more. The hackers then packaged all of the stolen material into a torrent file that is currently making the rounds.

Samsung hackers steal Galaxy source code

This is unquestionably a major incident that could cause rather significant problems for the company going forward. The silver lining, if there is one, is that the hackers were not able to steal any personal data from Samsung customers. Additionally, Samsung says that it has put new measures in place to prevent any further breaches.

Samsung shared the following statement with Bloomberg in regards to the hack:

There was a security breach relating to certain internal company data. According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.

Lapsus$ is making a name for itself

Notably, this is the second major breach by the hacking group Lapsus$ in the past week. Just days ago, Nvidia announced that it was “aware of a cybersecurity incident which impacted IT resources.” Lapsus$ claimed responsibility for the data breach immediately. Then the group began leaking the credentials of Nvidia employees online.

According to Have I Been Pwned, the group leaked “over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.” The breach occurred on February 23rd, 2022.

Tom’s Hardware reports that Nvidia has over 20,000 employees worldwide. This would suggest that the data breach could have included former employees as well as current employees. Beyond the employee credentials, Lapsus$ also got its hands on two code signing certifications. Both are expired, but can still be used for driver signing purposes:

In the case of the Nvidia hack, Lapsus$ attempted to blackmail the company. The group’s demands were for Nvidia to make all current and future GPU drivers open source by Friday, March 4th. If the company did not comply, the group would “release the complete silicon, graphics and computer chipset files for all recent Nvidia GPUs.”

As of Monday morning, it doesn’t appear that Lapsus$ has made any similar demands regarding Samsung’s data. Lapsus$ maintains a public Telegram group where it shares updates about its exploits. If any developments occur with the Samsung or the Nvidia hack, it’s more than likely that the hackers will share details within that group.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.