The world’s largest semiconductor foundry company, TSMC has just become the target of a data leak promoted by the hacker group LockBit. According to information released this Friday (30) by the SecurityWeekyou criminals claim to have access to internal documents with confidential information from the Taiwanese giant.
The attack appears to have exploited a security hole in the hardware of one of TSMC’s suppliers, which would have compromised its sensitive data and financial reports.
After an investigation into the incident, the company concluded that the attack “does not affect its operations or make its customers’ information vulnerable”, according to a TSMC spokesperson, but the hacker group claims to have data that could provide access to the company’s internal system. , which dominates more than 55% of the semiconductor market.
The partner company impacted by the ransomware attack is Kinmax Technology, a Taiwan-based systems integrator specializing in networking, cloud computing, storage, security and database management. Among the company’s customers, it is possible to highlight names such as Microsoft, NVIDIA and Cisco.
“The leaked content mainly consisted of the installation of the system that the company provides to our customers as a standard configuration,” explained Kinmax. “We would like to express our sincere apologies to affected customers as the leaked information contained their names, which may have caused some inconvenience.”
According to a statement issued by a TSMC spokesperson, the foundry is enforcing appropriate containment measures in order to prevent the security breach from aggravating.
Following the incident, TSMC immediately terminated its data exchange with this provider. The company remains committed to raising security awareness among its partners and ensuring that they adhere to security standards. This cybersecurity incident is currently under investigation involving a law enforcement agency.
TSMC
You hackers are demanding a $70 million ransom — one of the highest amounts in the history of ransomware attacks, according to cybersecurity researcher William Thomas — to decrypt the documents obtained in the hack.
The deadline for the transaction is until August 6, and if the payment is not made, the group threatens to disclose the leaked information from TSMC. According to a publication by hackers on the dark web, the data includes login data on the company’s system. LockBit has revealed no evidence that it does, in fact, have access to these credentials.
LockBit is a hacker group supposedly based in Russia. The organization was allegedly responsible for a series of ransomware attacks against major companies, including Pendragon, a UK commercial vehicle dealership.
In April last year, the Rio de Janeiro State Treasury Department (Sefaz-RJ) became one of the targets of LockBit ransomware, which allegedly stole around 420 GB of data with emails and proof of service provision. of the state agency.
Europe is the second country that receives the most ransomware attacks in the world, according to a survey released last year by sonic wall capture, second only to the United States. With the increase in remote work, since the beginning of the coronavirus pandemic in 2020, several companies have been targets of this type of malware, such as JBS.
