Hackers may have obtained 190GB of sensitive data from Samsung

The company says it's assessing the situation.

Valentyn Ogirenko / reuters

Some of Samsung’s confidential data has reportedly leaked due to a suspected cyberattack. On Friday, South American hacking group Lapsus$ uploaded a trove of data it claims came from the smartphone manufacturer. Bleeping Computer was among the first publications to report on the incident.

Among other information, the collective says it obtained the bootloader source code for all of Samsung’s recent devices, in addition to code related to highly sensitive features like biometric authentication and on-device encryption. The leak also allegedly includes confidential data from Qualcomm. The entire database contains approximately 190GB of data and is actively being shared in a torrent. If the contents of the leak are accurate, they could cause significant damage to Samsung.

According to The Korean Herald, the company is assessing the situation. We’ve reached out to Samsung for comment.

If Lapsus$ sounds familiar, it’s the same group that claimed responsibility for the recent NVIDIA data breach. In that incident, Lapsus$ says it obtained approximately 1TB of confidential data from the GPU designer, including, the group claims, schematics and driver source code. The collective has demanded that NVIDIA open source its drivers and remove the cryptocurrency mining limiter from its RTX 30-series GPUs. It’s unclear what, if any demands, Lapsus$ has made of Samsung. The group has previously said its actions haven’t been politically motivated.