190GB of Samsung Data Leaked [Update]
Lapsus$ Data Extortion Group Leaked a Huge Collection of Confidential Data.
Lapsus$, a cyber extortion gang that had previously targeted Nvidia, claimed responsibility for a massive Samsung data breach that it had orchestrated.
The hackers claimed to have stolen around 200GB of compressed material from Samsung servers, which included sensitive documentation, code, and other proprietary information, among other things.
The breach comes less than a week after Lapsus$ made public a 20GB document collection of 1TB of material obtained from an Nvidia GPU designer by the hacker collective Lapsus$.
According to a message the extortion gang teased about exposing Samsung data in the form of a snapshot of C/C++ instructions in Samsung software in the near future.
Lapsus$ issued a summary of the imminent leak shortly after tantalizing their followers, claiming that it contained “secret Samsung source code” that was obtained via a hack.
BleepingComputer reports that if the Lapsus$ claim is real, Samsung has experienced a catastrophic data breach that has the potential to do significant harm to the corporation.
The leaked data has been divided into three compressed files totaling nearly 190GB.
Lapsus$ made available a short summary of the information accessible in each of the three archives included in the leak, with part 1 comprising a dump of source code and associated data about Security/Defense/Knox/Bootloader/TrustedApps and numerous other things, part 2 containing a dump of source code and related data about various other items, and part 3 being a collection of repositories from Samsung Github, including mobile defensive engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store).
At this time it remains unknown if Lapsus$ attempted to contact Samsung in order to demand a ransom, as they allegedly did in the case of Nvidia.
Update: Samsung Confirmed the Ransomware Attack
It was announced on Monday, the 7th of March, by Samsung Electronics that its network had been penetrated and that the hackers had stolen secret material, including source code from Galaxy handsets, from it.
There was a security breach relating to certain internal company data.
According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.