Skip to main content
  1. Home
  2. Mobile
  3. News

Samsung Pay wasn’t breached in state-sponsored LoopPay hack, executives say

By

samsung pay first us birthday mobile payment
Image used with permission by copyright holder
LoopPay — the Massachusetts-based company that Samsung acquired in February and the developer behind one of Samsung Pay’s core technologies — stores a lot of valuable data behind its virtual walls. Data so valuable, in fact, that the company’s servers were recently the target of state-sponsored hackers. The New York Times reports that as early as March, a team of government-affiliated Chinese hackers known as the Codoso Group managed to infiltrate LoopPay’s corporate network.

The apparent target of the breach was LoopPay’s technology. Unlike Apple Pay and Android Pay, LoopPay uses magnetic secure transmission (MST), a radio-based mechanism that wirelessly emulates a credit card swipe. While most tap-and-pay mobile wallets require a point-of-sale system with near-field communication (NFC) capabilities, Samsung says MST works with with “90 percent” of legacy terminals in use by U.S. retailers.

Recommended Videos

“Samsung Pay was not impacted and at no point was any personal payment information at risk.”

LoopPay, which became aware of the breach in late August, told the New York Times an ongoing investigation had found no evidence that the hackers accessed sensitive customer data. Will Graylin, LoopPay chief and co-general manager of Samsung Pay, told the Times that the group wasn’t able to breach the system that stores payment information. Samsung executives echoed those assurances.

“Samsung Pay was not impacted and at no point was any personal payment information at risk,” said Samsung’s chief privacy officer Darlene Cedres in a statement. “This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.” Samsung also said the breach won’t impact the U.S. rollout of Samsung Pay, which began a little over a month ago.

Some security analysts believe the extent of the damage may take weeks to uncover. The Codoso Group had access to LoopPay’s corporate servers for five months before a third-party company stumbled upon signs of the breach. And in an attack on Forbes perpetrated by the Codoso Group last November, later forensics revealed the presence of resilient backdoors to the news organization’s infrastructure.

LoopPay has hired two private security teams to investigate the breach. The company hasn’t notified law enforcement because it believes “no customer data or financial information had been stolen,” the Times reports.

The hack is the latest in a series of Chinese attacks on high-profile U.S. targets. A breach of the U.S. Office of Personnel Management’s (OPM) network in June affected four million state employee records, and in 2011, a Chinese state-affiliated group managed to breach the U.S. Chamber of Commerce.

Editors' Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
The Google Pixel 8a is official. Here’s everything that’s new
Someone taking a phone call on the aloe Google Pixel 8a.

A week ahead of its annual developers' conference, Google has dropped a new budget phone in its Pixel-A series. The Google Pixel 8a retains the line’s signature look with a horizontal camera island at the back, but serves it in a package that embraces rounded corners and also happens to be fractionally smaller and lighter

The most meaningful changes are reserved for the display, silicon, and battery. The OLED screen’s size remains the same at 6.1 inches with a resolution of 1080 x 2400 pixels. However, the refresh rate has been increased to 120Hz, up from the Google Pixel 7a's 90Hz display. This HDR-ready panel offers a peak brightness of up to 2,000 nits and also features a fingerprint sensor underneath.

Read more
Apple has quietly killed its cheapest iPad
Three 2021 iPads are stacked on a table.

The iPad lineup has received a price bump after Apple quietly killed its cheapest iPad model. Apple’s 9th-generation iPad used to cost $329, but has been discontinued. At the same time, the company has reduced the 10th-gen iPad’s starting price by $100, which means it’s now priced at $349. As a result, getting the cheapest iPad means you'll now spend $20 more than before.

The 9th-gen Apple iPad was launched in 2021 with the A13 chipset and Apple's Center Stage featur,e but retained the same old design with the already-old Lightning port and home button. With Apple moving to a USB-C port on all devices to comply with EU laws, it was inevitable that Apple would discontinue the 9th-gen iPad this year. The iPhone SE remains the only Apple product with a home button and a Lightning port that's still available in the company's lineup.

Read more
Best iPhone 15 deals: How to get Apple’s latest iPhone for free
The display on a green iPhone 15.

The Apple iPhone lineup isn’t often a place to turn for a discount, as Apple deals can be somewhat difficult to come by. The best phone deals often turn up discounts on less premium brands, but there are some ways to save on the iPhone 15, which is Apple’s most recent iPhone release. You’ll find some of the best iPhone 15 deals scattered across retailers, which is why we’ve done some of the heavy lifting and organized them all below. Among the best iPhone deals you’ll find below are some impressive savings even if you don’t have an old device to trade-in.

You can also shop the best refurbished iPhone deals if you’re looking for ultimate savings, and there are plenty of iPhone 14 deals to shop if having the most recent iPhone release isn’t of importance to you.
Today's best iPhone 15 deals

Read more