Almost five years after it was struck with the WannaCry ransomware that forced a production halt, TSMC has been attacked by the LockBit group, which claims that it now has its hands on the semiconductor giant’s sensitive information. The hackers are demanding $70 million and have given a deadline of August 6, after which they will publicly reveal all the stolen information.
TSMC claims that the latest attack did not affect its business operations or customer information
Speaking to SecurityWeek, TSMC stated that one of its IT hardware suppliers experienced a security breach, which compromised vital information. Among the various details stolen, it was revealed that the firm had an estimated annual revenue of $57.2 billion, so the hackers' $70 million ransom demand would look like chump change to TSMC. After a thorough investigation, the company said in the statement below that its business operations have not been affected and that customer data is safe.
“At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information.
After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures. TSMC remains committed to enhancing the security awareness among its suppliers and making sure they comply with security standards. This cybersecurity incident is currently under investigation that involves a law enforcement agency.”
National Hazard Agency, a sub-clique of Lockbit ransomware group, has ransomed TSMC (Taiwan Semiconductor Manufacturing Company).
The company has an estimated annual revenue of $57,220,000,000.
National Hazard Agency is ransoming them for $70,000,000. pic.twitter.com/bXjzQ7SSXU
— vx-underground (@vxunderground) June 30, 2023
The supplier compromised in the security breach was Kinmax Technology, a systems integrator based in Taiwan that specializes in cloud computing, networking, and security, with clients including Microsoft and NVIDIA. Kinmax claims that the stolen content consisted of details of default configurations of system installations that are provided to its customers. Kinmax has also publicly apologized to its affected customers, as the leaked information also contained their names, but no specific firm was mentioned. Kinmax promises to enhance its security moving forward to prevent history from repeating itself.
The LockBit ransomware group has been in existence since 2019 and has been frequently in the news since 2022, boasting more than 1,800 entities that have fallen victim to its attacks. The group’s business model revolves around a ransomware-as-a-service (RaaS) strategy, where it keeps the majority of the profits while its affiliates are the ones that carry out the attacks; in this case, the affiliate is a sub-group called National Hazard Agency. Whether or not TSMC will agree to the $70 million ransom is undisclosed, but we will have to revisit this incident on August 6, according to the deadline.