article featured image


Lapsus$, a cyber extortion gang that had previously targeted Nvidia, claimed responsibility for a massive Samsung data breach that it had orchestrated.

The hackers claimed to have stolen around 200GB of compressed material from Samsung servers, which included sensitive documentation, code, and other proprietary information, among other things.

Lapsus$ Hacked Samsung


The breach comes less than a week after Lapsus$ made public a 20GB document collection of  1TB of material obtained from an Nvidia GPU designer by the hacker collective Lapsus$.

What Happened?

According to a message the extortion gang teased about exposing Samsung data in the form of a snapshot of C/C++ instructions in Samsung software in the near future.

Samsung Was Hacked


Lapsus$ issued a summary of the imminent leak shortly after tantalizing their followers, claiming that it contained “secret Samsung source code” that was obtained via a hack.

BleepingComputer reports that if the Lapsus$ claim is real, Samsung has experienced a catastrophic data breach that has the potential to do significant harm to the corporation.

The leaked data has been divided into three compressed files totaling nearly 190GB.

Lapsus$ made available a short summary of the information accessible in each of the three archives included in the leak, with part 1 comprising a dump of source code and associated data about Security/Defense/Knox/Bootloader/TrustedApps and numerous other things, part 2 containing a dump of source code and related data about various other items, and part 3 being a collection of repositories from Samsung Github, including mobile defensive engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store).

At this time it remains unknown if Lapsus$ attempted to contact Samsung in order to demand a ransom, as they allegedly did in the case of Nvidia.

Update: Samsung Confirmed the Ransomware Attack

It was announced on Monday, the 7th of March, by Samsung Electronics that its network had been penetrated and that the hackers had stolen secret material, including source code from Galaxy handsets, from it.

There was a security breach relating to certain internal company data.

According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.


If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Dora Tudor

Cyber Security Enthusiast

linkedin icon

Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo