Hackers leak 190GB of data allegedly from Samsung, includes source code and biometric unlocking algorithms

The Lapsus$ hacking group has just leaked a huge collection of data that they claim to be from Samsung.

The leaked data is presently being shared on a torrent and is presented as three compressed files that amount to nearly 190GB. At the time of writing, the report says they are more than 400 peers sharing the file.

And earlier, the group posted a screenshot with C/C++ directives in a Samsung software earlier. And according to the group, the torrent contains data of the following:

• Source code for every Trusted Applet (TA) installed in Samsung's TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
• Algorithms for all biometric unlock operations
• Bootloader source code for all recent Samsung devices
• Confidential source code from Qualcomm
• Source code for Samsung's activation servers
• Full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

If it looks bad, that's because it is. If the claims are accurate, Samsung is looking at a major breach that could cause substantial damage to the company.

Lapsus$ is the same group behind the recent NVIDIA breach. They are demanding the graphics giant remove limitations on cryptocurrency mining or they will leak the company's source code.

However, it is unknown at this time if they have made similar demands of Samsung.

In a statement to The Korea Herald, Samsung says it is investigating the incident.

Most recently, Samsung was caught throttling the performance of some apps.

READ ALSO: Samsung investigates reports of Galaxy phones throttling apps

This article was first published in Hardware Zone.