Samsung’s Mobile Payment Partner LoopPay Hacked With Breach Undetected For Months


As our gadgets advance, so do their capabilities and features with smartphones become an integral part of your everyday life. What used to be limited to a means of communication and text messages has now transformed into an easy access for social media, information, entertainment, fitness and multimedia. And that's not where the buck stops rolling either. With the launch of services such as Android, Apple and Samsung Pay, our smartphones might become an effective replacement for our wallets quite soon as well.

Samsung's Mobile Payment Subsidiary LoopPay Hacked - Korean Company Claims No Breach

After Apple's launch of Apple Pay, we saw Samsung announce similar plans for its services as well, which could very well end up gaining dominance in the mobile payments framework. Samsung's acquisition of LoopPay this March marked the company's official entry into the mobile payments spectrum and with the acquisition, the Korean company seemed to have an ace in the hole.

Why so? Because when compared to Android and Apple Pay, Samsung's system based on LoopPay's technology also supports Magnetic Secure line transmission, which is more widely available in terminal across the US. Apple and Google's systems choose to rely solely on NFC, which has yet to see a mass market adoption. But if you're a Samsung Pay user, you might be alarmed to hear, that LoopPay's systems were hacked by Chinese hackers just one month after Samsung's acquisition, claims the New York Times.

According to the Times, a hacking group based in China and dubbed as Codeso breached LoopPay's systems in February and was after the company's Magnetic Secure Transmission data, that's also used in majority of its Samsung Pay services, as mentioned above. The company discovered the breach after four months, in August, after the company's data was discovered by investigators targeting Codeso. Will Graylin, CEO LoopPay claims that no Samsung data was compromised in the breach, as the company's production system that's affiliated with MST payments was not compromised.

Experts are still looking into the company's systems however, but more evidence is still to surface. “Samsung Pay was not impacted and at no point was any personal payment information at risk. This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.” Darlene Cedres, Samsung’s chief privacy officer elaborated.

As far as Codoso goes, the group is notorious for previous data breaches as well, with it already having targeted Forbes and the US Chamber of Commerce before. The group's targets have revolved around defense and national security matters, and sets up footholds in compromised systems, that transmit data months after the initial breach. As a company that continues to grow in scale, LoopPay's breach isn't good news for Samsung at all. We'll keep you updated as this develops.