Samsung Pay wasn’t breached in state-sponsored LoopPay hack, executives say

samsung pay first us birthday mobile payment
LoopPay — the Massachusetts-based company that Samsung acquired in February and the developer behind one of Samsung Pay’s core technologies — stores a lot of valuable data behind its virtual walls. Data so valuable, in fact, that the company’s servers were recently the target of state-sponsored hackers. The New York Times reports that as early as March, a team of government-affiliated Chinese hackers known as the Codoso Group managed to infiltrate LoopPay’s corporate network.

The apparent target of the breach was LoopPay’s technology. Unlike Apple Pay and Android Pay, LoopPay uses magnetic secure transmission (MST), a radio-based mechanism that wirelessly emulates a credit card swipe. While most tap-and-pay mobile wallets require a point-of-sale system with near-field communication (NFC) capabilities, Samsung says MST works with with “90 percent” of legacy terminals in use by U.S. retailers.

“Samsung Pay was not impacted and at no point was any personal payment information at risk.”

LoopPay, which became aware of the breach in late August, told the New York Times an ongoing investigation had found no evidence that the hackers accessed sensitive customer data. Will Graylin, LoopPay chief and co-general manager of Samsung Pay, told the Times that the group wasn’t able to breach the system that stores payment information. Samsung executives echoed those assurances.

“Samsung Pay was not impacted and at no point was any personal payment information at risk,” said Samsung’s chief privacy officer Darlene Cedres in a statement. “This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.” Samsung also said the breach won’t impact the U.S. rollout of Samsung Pay, which began a little over a month ago.

Some security analysts believe the extent of the damage may take weeks to uncover. The Codoso Group had access to LoopPay’s corporate servers for five months before a third-party company stumbled upon signs of the breach. And in an attack on Forbes perpetrated by the Codoso Group last November, later forensics revealed the presence of resilient backdoors to the news organization’s infrastructure.

LoopPay has hired two private security teams to investigate the breach. The company hasn’t notified law enforcement because it believes “no customer data or financial information had been stolen,” the Times reports.

The hack is the latest in a series of Chinese attacks on high-profile U.S. targets. A breach of the U.S. Office of Personnel Management’s (OPM) network in June affected four million state employee records, and in 2011, a Chinese state-affiliated group managed to breach the U.S. Chamber of Commerce.


After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.

Saving for a vacation? Here are the best apps to help you manage your wealth

Looking to start managing your money, but don't care for intricate software or spreadsheets? Lucky for you, we made a list of the best budgeting apps designed to help you rein in your expenditures.

Here are the 5 of the best antivirus solutions for your small business

Getting your business off the ground is hard enough, and dealing with viruses, hackers, and security breaches only makes it harder. These 5 antivirus solutions can help keep you protected.

iPad Air vs. iPad Mini: Which new tablet from Apple is best for you?

Apple has unveiled two new iPad models, including a new iPad Air and a new iPad Mini. Both devices have a lot to offer. But which iPad is right for your needs? We put the iPad Air and iPad Mini to the test to find out.

The best Apple AirPods alternatives for Android, Windows, and iOS devices

Apple AirPods, nice as they are, aren't the only game in town. Other makers are offering their own truly wireless earbuds, and if you're looking to buy a pair of high-end in-ear headphones, we've got the best AirPod alternatives on the…

Even older Apple Watches could be effective at spotting heart conditions

The Apple Watch Series 4 is known for detecting heart conditions like atrial fibrillation thanks to having an electrocardiograph feature. It turns out that older Apple Watches could be effective at tracking AFib, too.

The Black Shark 2’s Ludicrous Mode promises the smoothest mobile gaming

Xiaomi-backed Black Shark has a follow-up to last year's Black Shark gaming phone, complete with high specs and a low price. Here's everything we know about the Black Shark 2 gaming phone.

Need a new tablet? Here are the best iPad deals for March 2019

In the wide world of tablets, Apple is still the king. If you're on team Apple and just can't live without iOS, we've curated an up-to-date list of all of the best iPad deals currently available for March 2018.

Amazon drops price on Apple Watch Series 4 with a rare deal

Since Apple first unveiled the Series 4, the price for one has pretty much held fast. This has finally started to change with a nice little $15 discount on Amazon. If you've been wanting the newest Apple Watch, now is a great time.

Sending SMS messages from your PC is easier than you might think

Texting is a fact of life, but what to do when you're in the middle of something on your laptop or just don't have your phone handy? Here's how to send a text message from a computer, whether you prefer to use an email client or Windows 10.

Google's midrange Pixels might be called the Pixel 3a and Pixel 3a XL

The Google Pixel 3 and Pixel 3 XL are considered to be two of the best Android smartphones, but it looks like Google could be prepping a midrange line. Say hello to the Pixel 3a and Pixel 3a XL.

Angry Birds AR: Isle of Pigs brings 3D demolition into your living room

Angry Birds is releasing its next entry in the spring of 2019 - with a new spin. Bringing 3D environments and destruction, Angry Birds AR: Isle of Pigs uses augmented reality to add a new dimension to a classic series.

Whether by the pool or the sea, make a splash with the best waterproof phones

Whether you're looking for a phone you can use in the bath, or you just want that extra peace of mind, waterproof phones are here and they're amazing. Check out our selection of the best ones you can buy.