As Samsung discloses a security issue, an extortion gang teases 190GB of stolen data.
LAPSUS$ data extortion group claims to have a huge collection of confidential data stolen from Samsung Electronics, which has confirmed a security breach.
Extortion gang LAPSUS$ claims to have access to 190GB of Samsung data following a significant data breach at South Korean consumer behemoth Samsung. LAPSUS$ is thought to have utilised ransomware to target Samsung, which has verified a security compromise of sensitive internal business data. The event occurred only a week after the same firm published a 20GB document archive from 1TB of data.
According to the attackers, they have 190GB of Samsung data.
领英推荐
On Friday, March 4, the ransomware gang teased the data haul with a picture of C/C++ directives in Samsung software. Following that, a description of the breach was provided, which included source code for every Trusted Applet installed in Samsung's TrustZone environment, which is used for encryption, access control, and hardware cryptography. LAPSUS$ sent three torrent files totalling 190GB, ostensibly containing the stolen data. According to Bleeping Computer, the torrent included a brief explanation of the information accessible in each of the three archives:
Samsung discloses a data security issue involving internal business data. A spokesman for Samsung verified the security problem. "There was a security compromise involving specific internal corporate data," according to Samsung. "Based on our first findings, the hack contains some source code related to the functioning of Galaxy devices but does not include any personal information about our customers or staff." We do not foresee any impact on our business or customers at this time. We have put in place safeguards to prevent similar situations in the future, and we will continue to service our clients without interruption."