N.Y. Times: Samsung subsidiary Loop Pay, part of Samsung Pay, hacked by Chinese group

N.Y. Times: Samsung subsidiary Loop Pay, part of Samsung Pay, hacked by Chinese group
One of the advantages of Samsung Pay is that the mobile payment service works not only with retailers who use NFC wireless POS systems, but it also works with every retailer that swipes a credit card to ring up a transaction. That is due to the magnetic secure transmission used by Loop Pay, which was purchased last February by Samsung. With Loop Pay, Samsung Pay can be used at over 10 million retailers globally.

A report in today's New York Times says that less than a month after being purchased by Samsung, Chinese hackers were able to break into Loop Pay's computer systems. The hackers, known as the Codoso Group or Sunshock Group, were reportedly seeking Loop Pay's magnetic secure transmission technology. According to Will Graylin, LoopPay’s chief executive and co-general manager of Samsung Pay, the hackers broke into Loop Pay's corporate network, but could not penetrate the system that deals with payments.

The scary part of the story is that Codoso Group's hack into Loop Pay was carried out in March, but wasn't discovered until August. A group investigating the Codoso Group stumbled upon Loop Pay data. Loop Pay and Samsung both say that they are confident that all infected machines were removed, but some security experts say that it is premature to say exactly what the hackers were able to accomplish, since the hack was first discovered in August.


Samsung Pay launched in the U.S. on September 28th, after more than $30 million in transactions was rung up by the service in South Korea.



source: NYTimes

FEATURED VIDEO

40 Comments

1. darkkjedii

Posts: 30971; Member since: Feb 05, 2011

Not good!

3. TheMan

Posts: 494; Member since: Sep 21, 2012

Nope. that didn't take long...

14. BobbyBuster

Posts: 854; Member since: Jan 13, 2015

Typical for Sammy. Now Samsung Pay will be renamed to Samsung Pray or Samsung Prey.

18. 99nights

Posts: 1152; Member since: Mar 10, 2015

You're not even trying anymore.. zzzzzz

21. DoggyDangerous

Posts: 1028; Member since: Aug 28, 2015

everyone makes money with ios

24. Bernoulli

Posts: 4359; Member since: Sep 01, 2012

Samsung / LG and other android OEMs have yet to learn your ways.

23. Bernoulli

Posts: 4359; Member since: Sep 01, 2012

What happened to that slogan? Did that week vacation made your inner troll weak?

30. iLovesarcasm

Posts: 589; Member since: Oct 20, 2014

This news is made in China like an iPhone, therefore it's fake.

31. darkkjedii

Posts: 30971; Member since: Feb 05, 2011

lol good one.

4. SamsungPhanboy

Posts: 765; Member since: Mar 31, 2015

So tired of these hacker groups.

10. Nathillien unregistered

So, the hackers broke into Loop Pay's corporate network, but could not penetrate the system that deals with payments!!! Some weak sauce hackers.

35. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

What's not good. Can't you read? The statements says, yes they attacked and hacked Loop Pay's network, but this wasn't an attack on Samsung Pay. It attacked loop pay directly to try to steal their MST technology. NO SAMSUNG PAY CUSTOMERS WERE EFFECTED.

42. darkkjedii

Posts: 30971; Member since: Feb 05, 2011

You dumb ass troll, it's affected, not "effected". I don't even bother with your stupid ass, but I couldn't resist this one. Affect is used as a verb, effect is used as a noun as it relates to meaning. Here you go for affect: The whole town was "affected" by the blackout. Here you go for effect: The "effect" of the bomb, was not as great as anticipated. Now go away, and troll someone else. You're beneath what I come here for.

2. joevsyou

Posts: 1091; Member since: Feb 28, 2015

was before wide release, two they couldn't hack into the payment data, companies get targeted by hackers all the time so nothing really shocking there, It's a constant battle and like it or not it's going to happen but This just shows the security net for the payment data is much higher.

22. DoggyDangerous

Posts: 1028; Member since: Aug 28, 2015

dude, why we dont use just cash? I think crime rate is very high in america. ppl afraid to carry cash

37. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Becaus eif I want to go buy a car and make a $10,000 downpayment, I would be foolish to carry cash. Because if your cash is stolen its lost. Cash on a card is protected by the bank. If you card is stolen or lost and then found and used and you reported it lost or stolen, you wont be held responsible for those charges and you get reimbursed almost immediately. Its not about crime per se. If you have a wallet full of cash and you drop it, you are SOL. Cards are safer, practical, will keep you from getting killed and the risk is far less. Has nothing to do with just crime. Even though armed robberies do happen here, they are not prevalent. Most people who get killed here, were not being robbed. Now if you carry an iPhone you might get killed as people will snatch them out your hand. That si why Apple added activation locks, something Samsung and Google had already. So if some steals your phone, it is locked to your email account and remote wipe capabilities were also introduced.

5. tedkord

Posts: 17312; Member since: Jun 17, 2009

These headlines. The corporate systems were hacked, not Samsung Pay. I've had constant free credit monitoring for years now because of data breaches. My Home Depot monitoring just expired, but the monitoring for a breach at a charity that I donated an old car to started last month. It's getting ridiculous, all these scumbags stealing.

34. 8ozchickenbreast unregistered

Why do you shop at Home Depot? Their stuff is absolute low quality crap that fails often. Cheap wood, cheap tools, screws break, nails snap, etc. Dont you have a Rings End or some other bang for your buck place around?

38. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Millions of contractors here use Home Depot. They sell the same stuff sold at Lowe's and may other hardware store like Ace. No one is complaining about quality. You don't have to buy Home Depot branded products, you can buy other brand name products from them. You know this...right?

41. 8ozchickenbreast unregistered

No one is complaining about quality? Lol you are silly. Ive been working around contractors and carpenters my whole life. Home Depot is sh*t quality.

6. j2001m

Posts: 3061; Member since: Apr 28, 2014

What a loads of crap, it's like me saying Apple Pay got hacked because hackers got into Apple network just before Apple came out last year, as this did happen, what a load of crap The payment side of thing will be way more score than an office network The best part is Samsung moved to tokens anyways over the none token system loop pay was using and why it's not working with all banks in the USA, as this as to be linked to the banks, so the hackers will have got nothing from there hack at the time even if they got in the payment side, hahhahahahahhahahahhahahahh what a joke report

11. cncrim

Posts: 1586; Member since: Aug 15, 2011

Samsung pay is token base....... so it is best and safest away to shop anywhere, i trust it better more than debit with pin

7. 99nights

Posts: 1152; Member since: Mar 10, 2015

This is why I won't use any mobile pay system or any kind off pay pass system and I've said this would happen since the beginning of NFC style mobile payments.

9. cncrim

Posts: 1586; Member since: Aug 15, 2011

Lol than you dont know what are you talking about, pay with nfc it is safest compare to give your credit/debit card to someone you dont know. NFC Is it token transaction(mean the number is only good for one time use) credit/debit is one number can be use over and over. I guess in your case best one will be cash then until buy something is not same as advertise.

13. 99nights

Posts: 1152; Member since: Mar 10, 2015

That's why i said since the beginning of nfc style payments (which what they are)... dude read it properly instead of making yourself out to be a fool who can't read.

19. RoboticEngi

Posts: 1251; Member since: Dec 03, 2014

So you also don't use banks? I clearly remember several big US banks being hacked for more than 6 months.......or is that OK, when it wasn't samsung?

27. osbert

Posts: 125; Member since: Jul 02, 2014

[libelous citation needed]

40. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Samsung wasn't hacked here either. Starbucks app was hacked which allowed hackers to take money from peoples bank accounts...NO MATTER THE BANK. BofA, Citi and US Bank have all been hacked more than once.

39. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

What happened? They didnt hack the payment service. So what exactly happened? Do you even know? NO BECAUSE YOU ARE AN ILLITERATE BLIND HALF READING UNEDUCATED MORON. "Samsung Pay was not impacted and at no point was any personal payment information at risk. This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay." Learn to read and comprehend. The LoopPay internal office network is what was hacked. Not the LoopPay payment system that Samsung purchased.

12. nctx77

Posts: 2540; Member since: Sep 03, 2013

This is what I hate about these half baked services by Samsung. It's going to affect mobile payments period.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.