Samsung has confirmed that a hacking group that stole data from microchip giant Nvidia last week has also infiltrated its systems and leaked confidential source code and algorithms of its various technologies.
Lapsus$, an organization of hackers, claimed responsibility for the data breach in a post on the encryption messaging platform Telegram.
It claimed to have successfully broken into applets that are installed in Samsung’s TrustZone and obtained their source code.
Samsung uses the source code to enable phones to perform sensitive operations, algorithms for biometric unlock operations, and bootloader source code for recent Galaxy devices, according to TechCrunch.
The hacked data is also believed to include confidential information from chipmaker Qualcomm, which is a major supplier of Samsung.
Obtaining source code allows hackers to potentially locate vulnerabilities in a device’s security system, exposing the user to possible data theft.
Samsung released a statement to TechCrunch confirming there was a “security breach” but added that it did not affect customers’ or employees’ personal data.
“According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” the Samsung statement said.
“Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
There is no word as to whether Lapsus$ sought a ransom from Samsung.
The hackers wanted Nvidia to disable its Lite Hash Rate feature, which makes it harder to mine cryptocurrency without reducing gaming performance, and to make its graphics chip drivers for macOS, Windows, and Linux devices open-source.
Nvidia was given a Friday deadline to meet the hackers’ demands, which it declined to do.