Hackers Breach Samsung’s LoopPay Mobile Payments
However Samsung Pay remains secure ahead of European launch later this year
Samsung has revealed that criminals were able to access one of the key technologies supporting its mobile payments service.
Hackers thought to be from China gained access to the office network of LoopPay for several months before the breach was detected, although nothing sensitive was thought to have been stolen from Samsung.
However, the attack on LoopPay has not led to any vulnerabilities in Samsung Pay, which launched just two weeks ago in the United States, and is set to roll out across Europe later this year, the company said.
Attacked
“The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay,” Samsung told Reuters in a statement, adding that Samsung Pay was part of its own mobile division and was on a physically separate network to LoopPay’s, giving the hackers no access to user data or other core information.
It also said that the three compromised LoopPay servers did not store sensitive information including technologies developed by the firm.
LoopPay created the technology that enables Samsung Pay to work with magnetic-stripe card readers, which offer a major advantage over services from Apple and Google as such readers are a common sight in many shops.
The company, which was set up in 2012, was acquired by Samsung in February this year as the phone maker geared up for a public launch of Samsung Pay with its Galaxy S6 and S6 Edge device.
The attack showed that no company is free from the risk of a breach, said Mark Bower, global director, enterprise data security for HP Data Security.
“If you store, process and collect sensitive data, especially payments and personal data, your business is on the radar of attackers, period.”
“Any company today has to assume a breach will happen and take more advanced threat mitigation measures. The payments business has learned the lesson hard over the years, and embraced far more powerful approaches to data security than traditional perimeter and storage encryption provides.”
All clued up on mobile payments? Try our quiz!