The group that claimed responsibility, Lapsus$, has also posted 190GB worth of data that they say they have managed to take from Samsung. According to the group, this data contains “confidental Samsung source code”, which apparently is for every Trusted Applet in Samsung’s TrustZone environment.
For those unfamiliar, this is where a lot of sensitive tasks are being handled, such as hardware cryptography and access control, along with biometric unlock algorithms. It also contains data like the bootloader source, activation server source code, and more. This means that in theory, those who are able to access this code could potentially reverse engineer it.
Speaking to the Korea Herald, Samsung has told the publication that they are currently assessing the situation, but it is unclear how the company plans to move forward and how badly affected current Samsung devices are as a result of all this data being posted online.