Samsung says its mobile payments data is safe despite hack

Samsung Electronics has said its mobile payment system is safe after a hacking attack against its US-based subsidiary LoopPay.

An article in the New York Times on Wednesday said the hacking incident had occurred against LoopPay's network in March.

LoopPay, acquired by Samsung in February, developed the payment system used to run Samsung Pay - a competitor to Apple Pay.

Samsung said user data was not at risk.

In August, the Korean electronics giant launched its mobile wallet service Samsung Pay in South Korea, followed by a launch in the US in September.

Samsung Pay competes against rival Apple's pay facility, which launched last year and operates in the US and UK. Google offers a similar payment system.

The mobile phone payment systems are designed to convince shoppers to use their handsets to make in-store purchases - rather than using cards.

The New York Times article says Chinese hackers - the so-called Codoso Group - gained access to LoopPay's office network and were not discovered until five months later in August.

Samsung said its payment system "was not impacted and at no point was any personal payment information at risk".

The firm said it was an "isolated incident" and stressed that LoopPay was a physically separate network from Samsung Pay.

"The LoopPay incident was resolved and had nothing to do with Samsung Pay," the firm said.

The hackers behind the attack may not have been solely interested in stealing data they could then sell on, Ken Westin from security company Tripwire told Computerworld.

Instead, he said, they may have been looking for information about individuals to help with tracking their movements.

The Codoso Group has been linked to attacks on US military and government sites and has been suspected of being a proxy for the Chinese government. The hack may have liberated information about the habits and travels of key individuals helping China home in on targets.