Samsung confirms hack on LoopPay subsidiary

Korean electronics giant Samsung has confirmed its LoopPay payments subsidiary was hacked, but maintains no personal information was breached in the incident.

The New York Times reported earlier this week that LoopPay had been breached by Chinese hackers, known as the Codoso or Sunshock Group, around five months ago.

Three servers handling email, file storage and print services on LoopPay's office network were discovered to have been compromised by the hackers in August this year, the NYT wrote. The initial attack occurred in March.

Samsung later issued a response, confirming the attack on LoopPay and claiming its Samsung Pay payments service - on which LoopPay is based - was not impacted. It said no user information was accessed.

"This was an isolated incident that targeted the LoopPay office network, which is a physically separate network from Samsung Pay. The LoopPay incident was resolved and had nothing to do with Samsung Pay," the Korean company said.

Samsung said it is confident its Pay service was "safe and secure". 

"Each transaction uses a digital token to replace a card number. The encrypted token combined with certificate information can only be used once to make a payment," Samsung said.

"Merchants and retailers can’t see or store the actual card data."

Samsung bought the mobile payments operator in February this year, as a direct play to rival Apple Pay. LoopPay turns magnetic strip readers in point of sales terminals into contactless transaction devices.