Samsung confirmed on Monday that it was the victim of a breach by a group of hackers who made off with the source code for the Galaxy Smartphone.

News of the breach came over the weekend when a Telegram channel associated with a ransomware syndicate called Lapsus$ claimed responsibility for the hack. The group claimed to have made off with 190 gigabytes worth of confidential data from Samsung.

According to Bleeping Computer, the hackers bragged about stealing sensitive data that included algorithms for all biometric unlock operations as well as source codes for activation servers at Samsung and the technology used for authorizing and authenticating Samsung accounts.

In a statement, Samsung confirmed that it was the victim of a breach and reassured customers that no personal information appears to have been stolen. The company did not specify when the hack took place or how Lapsus$ entered their networks, but said it was taking measures to enhance their security.

“According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption,” a spokesperson told Bloomberg News.

Lapsus$ has been described by threat researchers as an increasingly prolific player in the global, murky world of ransomware syndicates. Lapsus$ has been linked to ransomware attacks on Portugal’s largest television channel and Brazil’s health ministry.

Lapsus$ claimed responsibility for a hack of semiconductor manufacturer Nvidia, stealing 1 terabyte worth of data from the company. The group threatened to leak the data if Nvidia did not respond to their extortion attempts, but the company reportedly hacked the group’s servers to retake the data.

RELATED STORIES
Ransomware