Hackers Breached LoopPay's Office Network, Not Systems Used By Samsung Pay
LoopPay which was acquired in February by Samsung recently suffered a security breach. As per an analyst the breach was done to spy than gathering consumer data for profit.
The analyst said that the worst is yet to come. Samsung acknowledging the attack on LoopPay said hackers only breached LoopPay's office network, not systems used by Samsung Pay.
The affected servers have been isolated and no personal payment information was put at risk, according to Samsung. According to the New York Times, said Ken Westin, a senior security analyst at threat-detection software company TripWire, said if the breach was carried out by the notorious Codoso Group in China it wasn’t intended to steal consumer data for sale.
It was told that the Codoso Group has been linked to large-scale attacks on major defense, finance and other organizations, including websites related to the Uyghur minority in China.
Westin said in a statement that the hackers probably wanted the access to LoopPay's code, possibly to develop the capability to collect information on individuals.
Alex Holden, CEO of the consultancy Hold Security, agreeing on the point said Codoso might have been wanting to know who bought what and when.
“I would be cautious, as you should be with any new sort of payment service, but I don't think this is a reason not to use the service at this time”, he said.
LoopPay's network was breached in February, shortly before Samsung bought the Massachusetts startup for US$250 million, the Times said.
It is sad that the hackers were in the network for about five months before LoopPay discovered the breach in late August.