Samsung Breach: Did Lapsus$ Hackers Steal Galaxy Source Code?

<> on July 30, 2012 in San Jose, California.

Samsung has confirmed a rumored data breach in which hackers stole some Galaxy device source code, but the mobile device maker stopped short of blaming the Lapsus$ hacker group for the breach.

In a Samsung statement shared with multiple media outlets, Samsung said:

"We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system.

According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption."

Samsung did not mention whether the smartphone maker hired third-party MSSPs or incident response security companies to investigate the attack.

Alleged Lapsus$ Hacker Group Victims

Ahead of the Samsung statement, the Lapsus$ hacker group claimed that it had stolen roughly 190GB of data from the smartphone maker.

Additional  Lapsus$ ransomware attack victims include Nvidia, Impresa (a Portugal-based media conglomerate), Brazil’s Ministry of Health (MoH) and Brazilian telecom firm Claro, according to a TitanHQ overview of Lapsus$.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.