It seems that chipmaker AMD had been pwned by the ransomware and extortion group RansomHouse:
RansomHouse, a relatively new data-extortion cybercrime group, has announced a major new victim. Today, the group published a new update on its darknet site and are claiming to have breached Advanced Micro Devices (AMD), the large chip manufacturing company.
RansomHouse is claiming to have breached AMD’s network and exfiltrated “more than 450 Gb” of data back in January 2022. The group has also published a data sample as evidence.
And assuming that this happened, it looks like AMD was pwned rather easily. Check this out:
It’s no secret that hackers can easily launch attacks against networks with commonly-used passwords to gain access.
According to RansomHouse, this was the case with AMD, which the group claims was using “simple passwords” to protect its network.
An era of high-end technology, progress and top security…there’s so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords like ‘password’ [other passwords redacted] … to protect their networks from intrusion. It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our hands on – all thanks to these passwords. – RansomHouse group
If that’s true, that’s really embarrassing for AMD.
AMD had this to say when they were asked about this:
On June 27th, we reached out to AMD for comment. AMD provided us with the following statement on June 28th:
AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway. - AMD Communications Director
RestorePrivacy is in contact with both AMD and RansomHouse and will update this article with any new information provided to us from either party.
That sounds to me like this has actually happened. But we may want to wait for a more fulsome confirmation.
Saryu Nayyar, CEO and Founder, Gurucul:
“In an ironic twist of fate, AMD survived the global chip supply chain crisis during the COVID-19 pandemic only to be victimized by ransomware from a new data extortion group. Doubling down on irony is that AMD staff used “password” as the password for critical network access. How does this still happen in companies with security savvy engineers? It’s beyond comprehension quite frankly. Time to spin all the passwords and clean up security controls. Seriously, it’s time.”
I can’t wait for the full details to come out. Because if these details are fact, a lot of people at AMD have some explaining to do.
UPDATE: Darren Williams, CEO and Founder of BlackFog added this comment:
“We haven’t yet seen evidence of the attack on AMD, but RansomHouse’s recent attack on the Shoprite Group in South Africa would indicate that they are focused on large organizations with weak security. As with all cyberattacks it really doesn’t matter how the bad actors found their way in, weak passwords or otherwise, if they want to find a way in, they will be successful! What really matters is what data they were able to leave with. Extortion is the focus for cybercriminal gangs and organizations should look to newer technologies like anti data exfiltration to stop them in their tracks and prevent any unauthorized data from being exfiltrated.”