Skip to main content
  1. Home
  2. Mobile
  3. News

Samsung Pay wasn’t breached in state-sponsored LoopPay hack, executives say

Kyle Wiggers
By

samsung pay first us birthday mobile payment
Image used with permission by copyright holder
LoopPay — the Massachusetts-based company that Samsung acquired in February and the developer behind one of Samsung Pay’s core technologies — stores a lot of valuable data behind its virtual walls. Data so valuable, in fact, that the company’s servers were recently the target of state-sponsored hackers. The New York Times reports that as early as March, a team of government-affiliated Chinese hackers known as the Codoso Group managed to infiltrate LoopPay’s corporate network.

The apparent target of the breach was LoopPay’s technology. Unlike Apple Pay and Android Pay, LoopPay uses magnetic secure transmission (MST), a radio-based mechanism that wirelessly emulates a credit card swipe. While most tap-and-pay mobile wallets require a point-of-sale system with near-field communication (NFC) capabilities, Samsung says MST works with with “90 percent” of legacy terminals in use by U.S. retailers.

Recommended Videos

“Samsung Pay was not impacted and at no point was any personal payment information at risk.”

LoopPay, which became aware of the breach in late August, told the New York Times an ongoing investigation had found no evidence that the hackers accessed sensitive customer data. Will Graylin, LoopPay chief and co-general manager of Samsung Pay, told the Times that the group wasn’t able to breach the system that stores payment information. Samsung executives echoed those assurances.

“Samsung Pay was not impacted and at no point was any personal payment information at risk,” said Samsung’s chief privacy officer Darlene Cedres in a statement. “This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.” Samsung also said the breach won’t impact the U.S. rollout of Samsung Pay, which began a little over a month ago.

Some security analysts believe the extent of the damage may take weeks to uncover. The Codoso Group had access to LoopPay’s corporate servers for five months before a third-party company stumbled upon signs of the breach. And in an attack on Forbes perpetrated by the Codoso Group last November, later forensics revealed the presence of resilient backdoors to the news organization’s infrastructure.

LoopPay has hired two private security teams to investigate the breach. The company hasn’t notified law enforcement because it believes “no customer data or financial information had been stolen,” the Times reports.

The hack is the latest in a series of Chinese attacks on high-profile U.S. targets. A breach of the U.S. Office of Personnel Management’s (OPM) network in June affected four million state employee records, and in 2011, a Chinese state-affiliated group managed to breach the U.S. Chamber of Commerce.

Editors' Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
How to view Instagram without an account
An iPhone 15 Pro Max showing Instagram via a web browser.

Instagram is one of the largest social media platforms on the planet. Whether you want to share a family photo, what you had for lunch at your favorite cafe, or a silly video of your cat, Instagram is the place to do it.

Read more
Something odd is happening with Samsung’s two new budget phones
A person holding the Samsung Galaxy A35 and Galaxy A55.

The Samsung Galaxy A35 (left) and Galaxy A55 Andy Boxall / Digital Trends

I’ve been using the Samsung Galaxy A55 for almost two weeks and have now swapped my SIM card over to the Samsung Galaxy A35. These are the latest entries in Samsung's budget-minded Galaxy-A series. In all honestly, I can barely tell the difference between them.

Read more
Learn 14 languages: Get $449 off a lifetime subscription to Babbel
A person using the Babbel app on their smartphone.

Learning a new language no longer requires you to make time for formal classes because there are now several language learning apps that you can tap. One of them is Babbel, and you can currently get a lifetime subscription to the online learning platform for only $150 from StackSocial. That's $449 off its original price of $599, but we don't know how much time is remaining before the offer expires. If you want to take advantage of the 74% discount, it's highly recommended that you complete the transaction immediately.

Why you should buy the Babbel lifetime subscription
A lifetime subscription to Babbel not only unlocks the possibility of learning one or two new languages, as the platform encompasses a total of 14 languages: English, French, Spanish, German, Italian, Portuguese, Swedish, Turkish, Dutch, Polish, Indonesia, Norwegian, Danish, and Russian. You'll be learning your new language of choice with lessons that only take 10 minutes to 15 minutes each to complete, so unlike classes with a rigid schedule, you can learn at your own pace and at any time you're free through Babbel. The lessons cover real-life topics, and they use speech recognition technology to help you master pronunciation. You'll then test yourself through personalized review sessions that will help make sure that you retain all the information that's being taught to you.

Read more