Samsung admits source code of Galaxy phones was compromised in data breach

According to a report, Samsung has asserted that the personal data of its customers is still safe and has not been leaked.

Samsung has admitted that it suffered from a cybersecurity breach last week and that some of the company’s internal data, as well as source code for software for its Galaxy phones were stolen. According to a report by Bloomberg, the company has asserted that the personal data of users is still safe and has not been leaked.

Samsung is saying that it has taken some appropriate measures to prevent further breaches. The brand hasn’t revealed the name of the hacker group and it is also unclear whether they had stolen data related to encryption and biometrics. In a statement, Samsung only confirmed that no personal data of employees or customers was leaked.

“There was a security breach relating to certain internal company data. According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” Samsung said in a statement.

It is believed that the hacker group behind this data breach could be LAPSUS$. This is the same hacking group that stole proprietary information from Nvidia Corp’s networks. A 190GB of data was reportedly spotted on the group’s Telegram channel that LAPSUS$ claimed includes biometric authentication data of Samsung devices and bootloader source code to bypass some operating system controls.

“Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption,” the company said.

In other news, a few weeks back, a major security flaw in Samsung phones was reported by researchers at Tel Aviv University that could let hackers extract sensitive info. The cited source noted that the cryptographic keys were not implemented properly in Samsung devices through ARM’s TrustZone system.

The issues were reportedly discovered on phones such as Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20, and Galaxy S21. But, people don’t need to worry about this as Samsung has already patched the issues. The first security patch update was released back in August 2021. The company later released a few more updates to fix the vulnerability. But, make sure that your Samsung phone is up to date.