The Lapsus$ threat group has again performed a massive cyber-attack after recently targeting Samsung and leaking nearly 200GB worth of propriety data. The Korean tech giant was attacked right after the threat group’s attack on Nvidia that leaked over 1TB of data to the dark web.
From a statement released by the threat group, they revealed that they had infiltrated Samsung’s confidential source code for some of its applications installed inside their TrustZone environment. Furthermore, Lapsus$ was also able to access some confidential files of Qualcomm, another giant tech firm.
Nonetheless, Samsung clarified that the data breach incident had only affected the source codes associated with the operation of their Galaxy series of devices but not their consumers’ and employees’ sensitive data.
Samsung has not revealed further details regarding the allegedly infiltrated data from the source code of their Galaxy devices.
Despite the claims of the Lapsus$ threat group stealing critical data from the tech giant, Samsung assured that the hackers had not taken any personal data from anyone.
They also added that there is no expected impact from the incident on their business operations and customers and have already implemented the proper measures to mitigate it and avoid the same situation from happening again.
A Samsung spokesperson explained that upon discovering the security breach against the company, they had taken immediate actions, including strengthening their security systems and teaming up with cybersecurity professionals and consultants.
The threat group allegedly originated from Brazil or South America since there have been traces of the group previously executing attacks against the Brazilian law enforcement and government.
Reports say that these recent attack threats posed by Lapsus$ are currently not linked with the ongoing conflict between Russia and Ukraine. Nevertheless, security experts closely monitor all hackers’ attack activities, leading to significant associations with the war.