14 DAY TRIAL // Today, Samsung published an official statement regarding a security breach in one of the companies it bought and was responsible for technology integrated in the Samsung Pay mobile payments platform.
The announcement was made after The New York Times published a piece detailing the activities of a Chinese hacking group known as Codoso, previously known for running watering hole attacks on Forbes.com.
The Samsung subsidiary in question is LooPay, acquired by Samsung in February for $250 million / €221 million. According to the NY Times, hackers gained access to the company's internal corporate network in March, but the breach was discovered only in August, when a security vendor that was investigating the activities of the Codoso group stumbled upon some internal data belonging to LoopPay.
The company was informed and moved on to investigate the breach along Samsung, later concluding that the Samsung Pay platform which was launched in July in South Korea, and August in the US, was not affected.
No Samsung Pay credit card details were accessed
Both Samsung and LoopPay officials stressed that hackers only accessed the company's corporate network, and not the systems that managed Samsung Pay transactions or any of the MST technology.
MST stands for Magnetic Secure Transmission and is a new technology incorporated in mobile payments, that besides the classic transmission of payment information via WiFi signals, can also convert the payment data into an electromagnetic field, which can be interpreted by classic card-swiping PoS terminals.
As the Samsung statement reads, "It’s worth reiterating that the reported incident was related to LoopPay’s office network which handles email, file servers and printing within the company. This network is physically separate from the production network that handles payment transactions and run by Samsung."
While the most obvious reason is that hackers infiltrated the network to steal customer data to sell in underground marketplaces, the breach's close vicinity to the Samsung acquisition news does not rule out a state-sponsored or cyber-espionage attack driven by "someone's" curiosity to know the terms of the deal.
