Chipmaker giant TSMC (Taiwan Semiconductor Manufacturing Company) has denied being hacked after the LockBit ransomware gang demanded $70 million to withhold stolen data.

On Wednesday, a threat actor known as Bassterlord, who is affiliated with LockBit, began live-tweeting what appeared to be a ransomware attack on TSMC, sharing screenshots with company-related information.

These screenshots indicated that the threat actor had extensive access to systems allegedly belonging to TSMC, displaying email addresses, application access, and credentials for various internal systems.

Although that Twitter thread has since been deleted, the LockBit ransomware gang yesterday created a new entry for TSMC on its data leak site, demanding $70 million and threatening to otherwise leak the stolen data, including identification information for the company's systems.

“In the event of payment denial, network entry points and company passwords and IDs will also be published,” reads the LockBit data leak entry for TSMC.

LockBit’s threat to TSMC (Computer Beep)

TSMC denies being hacked

A TSMC spokesperson told BleepingComputer that they were not hacked, but the systems of one of their hardware vendors, Kinmax Technology, were hacked.

“TSMC was recently made aware that one of our hardware vendors had suffered a cybersecurity incident that led to the leaking of initial server setup and configuration information,” the spokesperson said.

“At TSMC, each hardware component undergoes a series of thorough checks and adjustments, including security configurations, before being installed in TSMC’s system.”

“Upon review, this incident did not affect TSMC’s business operations or compromise TSMC’s customer information.”

In addition to validating that its systems were not affected in any way, TSMC says it has also ceased working with the offending vendor until the situation is cleared up.

“After the incident, TSMC immediately terminated its data exchange with this affected vendor in accordance with the company’s security protocols and standard operating procedures. TSMC remains committed to raising the security awareness of its vendors and to ensure they meet safety standards,” TSMC continued.

Finally, the semiconductor company told BleepingComputer that the investigation into the cybersecurity incident is continuing and also involves law enforcement.

Kinmax, the impacted vendor, today released a statement explaining that it became aware of a specific test environment compromise in its network on June 29, 2023.

The company discovered that the intruders managed to exfiltrate some data from the accessed system, mainly regarding system installation and configuration tips for customers.

“On the morning of June 29, 2023, the company discovered that our internal specific test environment had been attacked and certain information had been leaked,” reads the Kinmax statement.

“The leaked content consisted mainly of the preparation for installing the system that the company provided to our customers as default configurations.”

Kinmax is not the corporate giant that TSMC is, so LockBit’s demands for a $70 million ransom payment will likely be ignored.
