Click to Skip Ad
Closing in...
  1. Amazon Gift Card Promotion
    14:41 Deals

    Amazon’s giving away $15 credits, but this is your last chance to get one

  2. Control Garage Door With iPhone
    08:10 Deals

    Unreal deal gets you Amazon’s hottest smart home gadget for $23 – plus a $40 c…

  3. Self-Emptying Robot Vacuum
    16:11 Deals

    Amazon coupon slashes our favorite self-emptying robot vacuum to its lowest price ever

  4. Amazon Deals
    07:58 Deals

    10 deals you don’t want to miss on Saturday: $5 Alexa smart plugs, $110 electric sta…

  5. Amazon Echo Auto Price
    11:41 Deals

    Last chance to add hands-free Alexa to your car for $19.99 with this Amazon deal

Main company behind Samsung Pay tech breached by Chinese hackers

October 7th, 2015 at 7:45 PM
Samsung Pay LoopPay Hack

One of the big new features Samsung has been touting this year is Samsung Pay, or Samsung’s own Apple Pay rival that it touted as “ready to go” at more shops than Apple Pay could ever reach, as it didn’t require special hardware from retailers.

At the same time, though, Chinese hackers were breaching the computer network of LoopPay, a startup Samsung bought in February for more than $250 million, which is responsible for part of the technology that makes Samsung Pay work.

LoopPay only learned about the breach in August, at a time when Samsung was preparing to launch the service in the U.S.

DON’T MISS: Why is Burger King’s scary black whopper causing an outbreak of green poop?

The hackers, identified as the Codoso Group or Sunshock Group by those who track them, looked to steal the company’s technology that’s employed in Samsung Pay. Known as magnetic secure transmission or MST, the technology works with older payment systems that lack NFC support, emulating the magnetic stripe card.

The attackers have apparently broken into LoopPay’s corporate network, but they have not breached the production system that helps manage payments, LoopPay CEO Will Graylin told The New York Times.

There are no indications that hackers infiltrated Samsung’s systems or that they have accesses consumer data.

“Samsung Pay was not impacted and at no point was any personal payment information at risk,” Samsung’s chief privacy officer Darlene Cedres said in a statement. “This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.”

Unidentified people familiar with the matter and experts tracking the Codoso hackers say it’s premature to say what the hackers were able to do since they were discovered only in August, five months after the breach.

The same group of hackers, whose modus operandi includes staying hidden in a breached network and planting back doors, attacked Forbes in February with malicious code that was then able to infect visitors of the site.

It’s not clear at this time whether the hackers looked to breach Samsung Pay or simply to steal the data necessary to replicate the LoopPay payment system. Graylin downplayed concerns that hackers might want to steal user data or create a copycat product.

The company is working with two forensic teams on the breach but has not contacted law enforcement.

Samsung Pay was launched in the U.S. 38 days after the hack had been discovered. On average, it takes 46 days for a hacker attack to be fully resolved, according to the Ponemon Institute, which tracks such events.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he's not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that's not necessarily a bad thing.

Popular News