Samsung Pay acquired Loop Pay, a company behind Samsung Pay technology, in February of this year for $250 mil. But months before the Massachusetts subsidiary experienced a network security breach by Chinese hackers.
The hacker group behind this network security breach is Codoso Group and surprisingly user data was not the information they were hunting for. According to LoopPay and a report provided by New York Times hackers were after the technology behind Samsung Pay, used for transmitting payment information via encrypted magnetic signal sent from the Samsung phone.
After the news broke out Samsung made a statement:
Samsung Pay was not impacted and at no point was any personal payment information at risk. This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network from Samsung Pay.
The breach itself is very familiar to the attack initiated against Forbes.com in February, were cyber criminals were delivering malicious software using site’s Thought of the Day feature. As it is known Forbes.com attack was just a first part of the massive plan to hack into LoopPlay’s internal computer network. It should be noted that the company found out about the major breach 38 days before Samsung Pay was delivered to customers.
Cyber security researchers have been hunting for Codoso group for a long time. They are known to have attacked hundreds of corporations around the globe and since the attack was just discovered in August it is hard to state for sure that the target was only the Samsung Pay technology.