The LockBit ransomware group claims it has hacked TSMC, with TSMC stating that one of its suppliers has been breached. The cybercriminals are demanding a ransom of $70 million by August 6 and threaten to leak considerable amount of sensitive data. TSMC told SecurityWeek that its network had not been breached, but one of its IT hardware suppliers had indeed been hacked.
“TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident, which led to the leak of information pertinent to server initial setup and configuration,” a statement by TSMC sent to Tom’s Hardware reads. “At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information.
In response to the security breach, TSMC immediately ceased data sharing with the affected supplier, in accordance with its security guidelines and routine procedures, the company indicated. At present, a law enforcement agency is investigating this cybersecurity occurrence.
“After the incident, TSMC has immediately terminated its data exchange with this supplier in accordance with the Company’s security protocols and standard operating procedures,” the foundry stated. “TSMC remains committed to enhancing the security awareness among its suppliers and making sure they comply with security standards. This cybersecurity incident is currently under investigation that involves a law enforcement agency.”
The notorious ransomware group published its initial threat on June 29 and gave TSMC seven days to respond or vast amount of sensitive information would be published, but then extended the ‘deadline’ to August 6. The group published a screenshot containing an @tsmc.com email.
TSMC claims that it did not fell the victim of the cyberattack. The supplier affected by the attack is Kinmax Technology, a Taiwan-based systems integrator specializing on networking, storage, database management and, ironically, security. Kinmax Technology works with various multinational companies, including Cisco, HPE, Microsoft, Citrix, VMware, and Nvidia.
Kinmax itself claims that while the breach did took place, its ‘Â internal specific testing environment’ was attacked resulting in an information leak. The majority of the data that was exposed was related to the default setup instructions that the company delivers to its clients, according to the system integrator. Kinmax expressed its deepest regrets to the clients impacted because ‘the leaked data contained customer names, causing potential inconvenience.’ The company claims that it had put in place stronger security protocols to ensure such situations do not arise in the future.
Click Here For The Original Source.
