Samsung hacked, source code stolen — is your phone at risk?

Samsung Galaxy S22 review
(Image credit: Tom's Guide)

Samsung today (March 7) confirmed that its internal databases had been hacked and source code for Galaxy smartphones and tablets stolen, but insisted that no customer data was affected.

"We were recently made aware that there was a security breach relating to certain internal company data," Samsung said in a statement provided to SamMobile and Bloomberg News. "Immediately after discovering the incident, we strengthened our security system. 

"According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption."

Late Friday (March 4), the Lapsus$ hacker gang proclaimed that it had stolen 190 GB of data from Samsung, including source code for Samsung's TrustZone and Knox, biometric unlocking, bootloader, activation servers, account verification and even some proprietary Qualcomm code, according to Bleeping Computer.

Lapsus$ put the data online for free as a torrent file, so there's little Samsung can now do to control its spread. Oddly, the Lapsus$ crew don't seem to want any money for the data, and there's no indication that the group demanded a ransom from Samsung. The same hackers broke into Nvidia's servers last month as part of an extortion attempt.

What to do if you own a Samsung phone or tablet

So is your Samsung Galaxy device at risk? Probably not right away. Having proprietary source code out in the wild is bad for a company's bottom line, but it doesn't mean that devices running the code can immediately be hacked. 

After all, anyone can review Linux source code, yet that doesn't create a security risk for the millions of servers that run Linux (or for the hundreds of millions of phones that run Linux as part of Android).

That risk changes if it turns out there are big security flaws in Samsung's source code. Now that hundreds of researchers and hackers are poring over Samsung's code, they might find vulnerabilities that Samsung engineers missed. If criminals find Samsung flaws, they'll try to make money from them by exploiting them or selling the information to other crooks.

So what can you do? If you have a Samsung phone or tablet, update its software today before the bad guys can figure out a way to pervert Samsung updates. Change the password on your Samsung account, and enable two-factor authentication on the account if you haven't already.

In the longer term, install and use one of the best Android antivirus apps, which will spot and block known Android malware. And hold off on installing Samsung software updates after the middle of this week until it's clear that the updates will be safe.

TOPICS
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

Read more
Google Pixel 9 held in the hand.
Google just fixed a zero-day kernel flaw used by hackers and 47 other vulnerabilities — update your Android phone right now
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
An open lock depicting a data breach
3.5 million hit in major law firm data breach — full names, SSNs, dates of birth, addresses and more exposed
Galaxy S25 Ultra Now brief
Samsung’s Personal Data Engine is a big addition to the Galaxy S25 — here’s why
Android 12
Google March Android Security Update fixes two high severity vulnerabilities — update now
Google Play logo on an android smartphone with corner hole punch camera
At least 5 North Korean spy apps have been found on Google Play — what you need to know
Latest in Online Security
23andME box
23andMe has declared bankruptcy — here's how to delete your data now
A magnifying glass on top of the Steam logo in a web browser
Valve just pulled a malicious game demo spreading info-stealing malware from Steam
A man filing his taxes electronically on a laptop
AI-powered tax scams are here - how to stay safe from deepfakes, phishing and more this tax season
MacBook Pro 2023
New Mac attack is tricking users into thinking their computer is locked — how to stay safe
Hacker using a stolen social security card
Your Social Security number is a literal gold mine for scammers and identity thieves — here’s how to keep it safe
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Latest in News
Bill Gates in 2019
Bill Gates just predicted the death of every job thanks to AI — except for these three
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 26 (#654)
Gemini screenshot image
Google unveils Gemini 2.5 — claims AI breakthrough with enhanced reasoning and multimodal power
Samsung Galaxy Z Flip 6 review.
Samsung Galaxy Z Flip 7 design just teased in new cases leak — and the outer display is huge
Google Chrome
Chrome failed to install on Windows PCs, but Google has issued a fix — here's what happened
nyc spring day AI image
OpenAI just unveiled enhanced image generator within ChatGPT-4o — here's what you can do now