Samsung recently revealed that mobile payments subsidiary LoopPay was the target of a sophisticated cyber attack earlier this year.
According to the South Korean tech giant, a group of government-affiliated Chinese hackers – known in security circles as the Codoso Group or Sunshock Group – were responsible for the security breach. Data suggests the attackers had access to LoopPay as early as March although the company didn’t learn of the infiltration until August when a separate organization that tracks the group stumbled across LoopPay’s data.
Darlene Cedres, Samsung’s chief privacy officer, said its new mobile payment platform, Samsung Pay, was not impacted and at no point was any personal payment information at risk. Cedres added that the incident targeted the LoopPay corporate network which is a physically separate network and that the issue was resolved immediately upon discovery.
Will Graylin, LoopPay’s chief executive and co-general manager of Samsung Pay, told The New York Times that his company hired two private forensics teams to investigate the breach. Interestingly enough, LoopPay didn’t alert authorities regarding the matter as it didn’t believe any customer data was taken.
Samsung acquired Massachusetts-based startup LoopPay for an undisclosed sum in February 2015. LoopPay’s technology is an integral part of Samsung Pay, the mobile payments platform that launched late last month.
Image courtesy Don Emmert, Getty Images