Following reports of a ransomware attack, Taiwanese PC vendor MSI (short for Micro-Star International) today confirmed that its network was hacked in a cyberattack.

Earlier this week, the Money Message ransomware gang reportedly infiltrated some of MSI’s systems and stole files that will be leaked online next week if the company refuses to pay a $4 million ransom.

In a Friday filing with the Taiwan Stock Exchange (TWSE)first spotted by PCMagMSI disclosed that some of its information services systems were affected by a cyberattack reported to the relevant authorities.

“After detecting some information systems under attack by hackers, MSI’s IT department initiated an information security defense mechanism and recovery procedures. The company was also reported [sic] the anomaly to the relevant government authorities,” MSI said.

The company did not share any details about the timing of the attack, whether any of the affected systems were encrypted, or whether the attackers exfiltrated company and customer information during the incident.

However, MSI said the cyberattack had no “significant” operational and financial impact, with security enhancements implemented to ensure the safety of data stored on affected systems.

“No significant impact on our business in financial and operational terms at this time. The Company is also strengthening the information security controls of its network and infrastructure to ensure data security.”

MSI TWSE filing regarding the cyberattack
MSI TWSE filing regarding cyberattack (BleepingComputer)

​BleepingComputer first covered the Money Message ransomware operation activity in a report released last weekend after hearing about the group’s potential involvement in breaching a high-profile hardware vendor.

According to discussions seen by BleepingComputer between the ransomware gang and an MSI representative, the threat actors demanded a ransom of $4,000,000 based on a claim that they stole around 1.5TB of documents on the MSI network.

Money Message is now threatening to release the allegedly stolen files next week if MSI fails to meet its ransom demands.

Threat actors have listed MSI on their data leak site, so far only sharing screenshots of what they describe as the maker’s Enterprise Resource Planning (ERP) databases and files. PC containing software source code, private keys and BIOS firmware.

MSI has yet to respond to multiple emails from BleepingComputer requesting a statement regarding the Money Message ransomware gang’s claims.


Source link