News it out that Apple chip manufacturer TSMC has been pwned by hackers. This hack has apparently pwned a third party provider according to this:
In a statement given to TechCrunch, a TSMC spokesperson — who emailed from a generic press email account and repeatedly declined to provide their name — confirmed that a “cybersecurity incident” at one of the company’s IT hardware suppliers, named as Kinmax Technology, led to the leak of “information pertinent to server initial setup and configuration.”
“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information,” the spokesperson added. “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures.”
TSMC shared a copy of the communication it received from Kinmax Technology, an IT services and consulting organization that specializes in networking, cloud computing, storage, security and database management.
“In the morning of June 29, 2023, the Company discovered that our internal specific testing environment was attacked, and some information was leaked,” Kinmax said in its notice. “The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations.”
Kinmax added that it “would like to express our sincere apologies to the affected customers,” suggesting TSMC wasn’t its only partner affected by the incident.
Eric Huang, vice president of Kinmax Technology, declined to say how many of its customers had been impacted.
On its website, Kinmax claims that its partners include companies such as Nvidia — which declined to comment; HPE; Cisco; Microsoft; Citrix; and VMware. None of the remaining organizations have yet responded to TechCrunch’s questions, and it’s not known if they have been impacted by the incident.
The culprits are apparently the LockBit gang. And said gang want’s $70 million or else:
“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit wrote. The gang didn’t provide any evidence of the data it had allegedly stolen.
This will be interesting to see how this plays out. I am pretty sure that TSMC is unlikely to pay the ransom. So we will have to see if LockBit follows through on their threats.
Get your popcorn ready.
TSMC Has Been Pwned… Hackers Are Asking For A $70 Million Ransom
Posted in Commentary with tags TSMC on June 30, 2023 by itnerdNews it out that Apple chip manufacturer TSMC has been pwned by hackers. This hack has apparently pwned a third party provider according to this:
In a statement given to TechCrunch, a TSMC spokesperson — who emailed from a generic press email account and repeatedly declined to provide their name — confirmed that a “cybersecurity incident” at one of the company’s IT hardware suppliers, named as Kinmax Technology, led to the leak of “information pertinent to server initial setup and configuration.”
“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information,” the spokesperson added. “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures.”
TSMC shared a copy of the communication it received from Kinmax Technology, an IT services and consulting organization that specializes in networking, cloud computing, storage, security and database management.
“In the morning of June 29, 2023, the Company discovered that our internal specific testing environment was attacked, and some information was leaked,” Kinmax said in its notice. “The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations.”
Kinmax added that it “would like to express our sincere apologies to the affected customers,” suggesting TSMC wasn’t its only partner affected by the incident.
Eric Huang, vice president of Kinmax Technology, declined to say how many of its customers had been impacted.
On its website, Kinmax claims that its partners include companies such as Nvidia — which declined to comment; HPE; Cisco; Microsoft; Citrix; and VMware. None of the remaining organizations have yet responded to TechCrunch’s questions, and it’s not known if they have been impacted by the incident.
The culprits are apparently the LockBit gang. And said gang want’s $70 million or else:
“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit wrote. The gang didn’t provide any evidence of the data it had allegedly stolen.
This will be interesting to see how this plays out. I am pretty sure that TSMC is unlikely to pay the ransom. So we will have to see if LockBit follows through on their threats.
Get your popcorn ready.
Leave a comment »