LoopPay, Which Created Tech Used In Samsung Pay, Breached By Chinese Hackers

LoopPay, Which Created Tech Used In Samsung Pay, Breached By Chinese Hackers
Hacker The Preiser Project CC BY 2.0

LoopPay became the target of a group of state-sponsored Chinese hackers who broke into the company’s systems. The breach, executed by Codoso Group, has been dated to March, which was a long time before Samsung acquired LoopPay – the company credited to the technology used in Samsung Pay – for $250 million, as reported by the New York Times. The technology was launched in the United States on September 28.


The breach was reported by a third party that was monitoring the Codoso hackers for a different attack. The group is believed to be supported by the Chinese government. Breaching into the LoopPay’s corporate system – but not the production system, according to Will Graylin, LoopPay’s chief executive and co-general manager of Samsung Pay – the group is known to leave behind backdoors that allow them to return to strike another attack, as was discovered by Microsoft, according to BBC. However, Samsung’s data doesn’t seem to have been affected, and the customer data has not been exposed.

Also read: US Personnel Data Breach: 5.6 Million People Affected In Hack, Latest Findings Reveal

The infected machines have been removed, according to the officials from LoopPay and Samsung. “Samsung Pay was not impacted and at no point was any personal payment information at risk,” according to Darlene Cedres, chief privacy officer of Samsung. “This was an isolated incident that targeted the LoopPay corporate network, which is a physically separate network. The LoopPay corporate network issue was resolved immediately and had nothing to do with Samsung Pay.”

Samsung Pay arrived in the United States 38 days after LoopPay was notified about the breach. Ponemon Institute, which monitors and tracks hacks, said that it takes 46 days for the breach to be completely resolved. In the case of LoopPay, however, it could take more time to fix the damage caused by the breach.

Like us on Facebook

“Once Codoso compromises their targets — which range from dissidents to C-level executives in the U.S. — they tend to stay there for quite a long time, building out their access points so they can easily get back in,” John Hultquist, the head of intelligence on cyberespionage at iSight Partners, a security firm, said. “They’ll come back to a previous organization of interest again and again.”

You might also be interested in: Fantasy Sports Cheating Scandal: NY To Investigate Matter For Misused Information