Advantest Hit by Ransomware Attack: Chip Testing Toolmaker's Data at Risk

Post Views: 9

Japanese Chip-Testing Firm Falls Prey to Ransomware Attack

Advantest, a leading Japanese manufacturer of semiconductor testing equipment, has confirmed that it suffered a ransomware attack earlier this month. The incident was first detected on February 15, 2026, when the company’s IT team identified unusual activity within its network.

About Advantest

Advantest, which employs over 7,600 people across its facilities in the Americas, Asia, and Europe, is a major player in the design and production of semiconductors used in various industries, including computing, electronics, autonomous vehicles, and high-performance computing.

Breach and Investigation

The company has since activated its incident response protocols, isolated affected systems, and enlisted the help of external cybersecurity experts to investigate and contain the breach.

While the investigation is ongoing, preliminary findings suggest that an unauthorized party may have gained access to parts of the company’s network and deployed ransomware. It remains unclear whether customer or employee data was compromised during the incident.

Advantest has assured that it is working to understand the full extent of the breach while reinforcing its defenses and has promised to provide regular updates on the investigation.

Ransomware Threat in the Manufacturing Sector

The incident highlights the growing threat of ransomware attacks in the manufacturing sector. According to a report by Dragos, a leading industrial cybersecurity company, 119 ransomware groups targeted over 3,300 industrial organizations in the past year, with manufacturers accounting for over two-thirds of the victims.

Sophos X-Ops, a UK-based cybersecurity firm, observed ransomware activity across leak sites and found that 99 distinct threat groups targeted manufacturing organizations in 2025. The most prominent groups targeting manufacturers include Akira, Qilin, and Play.

Targeting the Semiconductor Ecosystem

The semiconductor ecosystem has also been targeted by state-backed threat actors seeking to steal intellectual property, including proprietary designs and manufacturing processes.

The rise of double extortion tactics, where stolen data is held to ransom and threatened with publication on a leak site, has become a significant concern for manufacturers. In over half of the ransomware incidents handled by Sophos Emergency Incident Response, both data theft and data encryption were involved.