Last week, South American hacking group Lapsus$ claimed it had stolen 190GB of confidential data, including source code, from the South Korean tech giant’s servers. The group also posted snapshots of the alleged data online. Samsung has now confirmed in a statement, without naming the hacking group, that there was a security breach, but it asserted that no personal information of customers was compromised. SEE: DDoS attacks that come combined with extortion demands are on the rise “We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system,” the company said. “According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.” On whether the company had received a demand for payments or was in negotiation to do so with any hacking group, a company spokesperson declined to comment on the matter. Hacking group Lapsus$ also claimed last month that it had stolen 1TB data from GPU giant Nvidia, while also posting snapshots of some of the data online.
In response last week, Nvidia also confirmed that some employee credential and proprietary information was stolen, but also said it doesn’t expect disruption to its business.