LAPSUS$ data extortion group claims to have a huge collection of confidential data stolen from Samsung Electronics, which has confirmed a security breach. Credit: PeopleImages / Getty Images South Korean consumer giant Samsung has reportedly suffered a major data breach with extortion group LAPSUS$ claiming to have access to 190GB of Samsung information. Ransomware is believed to be the attack method used by LAPSUS$ to target Samsung, which has confirmed a security breach of certain internal company data. The incident comes just a week after the same group released a 20GB document archive from 1TB of data stolen from graphics chip maker Nvidia.Attackers claim to have 190GB of Samsung dataThe ransomware group first teased the data haul on Friday, March 4, with a snapshot of C/C++ directives in Samsung software. A description of the leak was subsequently published that cited source code for every Trusted Applet installed in Samsung’s TrustZone environment used for encryption, access control, and hardware cryptography. LAPSUS$ posted three torrent files adding up to 190GB, supposedly containing the stolen data. Included in the torrent was a short description for the content available in each of the three archives, according to Bleeping Computer:Part one contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items.Part two contains a dump of source code and related data about device security and encryption.Part three contains various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES.Samsung confirms security breach of internal company dataIn a statement to Bloomberg today, a Samsung spokesperson confirmed that a security breach had occurred. “There was a security breach relating to certain internal company data,” Samsung said. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.” Related content news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Generative AI Machine Learning news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe