Following the LockBit intrusion on a third-party supplier, TSMC confirms a data breach.
“Taiwan Semiconductor Manufacturing Company (TSMC),” the largest contract chip manufacturer in the world, has acknowledged a data loss after being identified as a LockBit ransomware gang victim.
On Thursday, the ransomware gang LockBit, which has ties to Russia, featured TSMC on one of its dark web leak sites. The corporation controls 60% of the global foundry market, and the gang threatens to disclose data seized from it unless it pays a $70 million ransom demand.
William Thomas, a researcher at Equinix who specializes in cyber threat intelligence, claims that this is one of the greatest documented ransom requests in history.
LockBit
“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company.”
The group didn’t offer proof of the data it claimed to have taken.
Statement, TechCrunch,
A TSMC spokesperson who communicated via a generic press email address and continuously refused to give their name proved that a “cyberattack” at one of the firm’s IT hardware suppliers, Kinmax Technology, resulted in the breach of “data pertinent to server initial setup and configuration. Reviewing the event shows that neither it has impacted TSMC’s business operations nor has it victimized any of the company’s client data.”
“Following the Company’s security standards and regular operating procedures, TSMC promptly stopped exchanging data with this worried supplier after the event.”
TSMC shared a copy of the communication it received from Kinmax Technology, an IT services and consulting organization specializing in networking, cloud computing, storage, security, and database management.
Kinmax
“On June 29, 2023, the Company learned that one of its internal testing environments had been targeted and some information had been exposed. Default configurations for system installation that the company gave to our customers comprised most of the leaked content. Assuming that TSMC wasn’t the only one of its partners harmed by the issue, Kinmax said it would want to extend its heartfelt apologies to the affected customers.”
Eric Huang, Vice President, Kinmax Technology
Refused to specify the number of affected clients.
On its website, Kinmax lists Nvidia—which declined to comment—as one of its partners, along with HPE, Cisco, Microsoft, Citrix, and VMware. TechCrunch has not received a response from any of the remaining companies, and how the incident has affected them is unknown.
Following the announcement that a Russian individual had been detained and charged for his alleged involvement in numerous LockBit ransomware attacks against victims in the U.S. and globally, this most recent breach occurred just a few weeks later. LockBit reported a ransomware attack on Indian pharmaceutical tycoon Granules India on the same day this arrest was made public.
About The Author
Suraj Koli is a content specialist with expertise in Cybersecurity and B2B Domains. He has provided his skills for News4Hackers Blog and Craw Security. Moreover, he has written content for various sectors Business, Law, Food & Beverage, Entertainment, and many others. Koli established his center of the field in a very amazing scenario. Simply said, he started his career selling products, where he enhanced his skills in understanding the product and the point of view of clients from the customer’s perspective, which simplified his journey in the long run. It makes him an interesting personality among other writers. Currently, he is a regular writer at Craw Security.
Kindly read other news articles:
Cyber Fraud Causes A Loss of ₹1 Cr Almost Every Day in Gujarat
Beware: A Growing ‘Courier Scam’ Is Defrauding Thousands Of Students