TSMC denies LockBit hack as ransomware gang demands $70 million

[vtqhtr413]

Content source

https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/

On Wednesday, a threat actor known as Bassterlord, who is affiliated with LockBit, began to live tweet what appeared to be a ransomware attack on TSMC, sharing screenshots with information related to the company. These screenshots indicated that the threat actor had significant access to systems allegedly belonging to TSMC, displaying email addresses, access to applications, and credentials for various internal systems.

While this Twitter thread has since been deleted, the LockBit ransomware gang created a new entry for TSMC yesterday on their data leak site, demanding $70 million or they would leak stolen data, including credentials for their systems. "In the case of payment refusal, also will be published points of entry into the network and passwords and logins company," reads the LockBit data leak entry for TSMC.

A TSMC spokesperson told BleepingComputer that they were not breached, but rather the systems of one of their IT hardware suppliers, Kinmax Technology, were hacked. "TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration," stated the spokesperson.

 

[CyberTech]

TSMC, the Taiwanese semiconductor producer, has confirmed to TechCrunch via email that one of its hardware suppliers, Kinmax, was affected by the LockBit ransomware. The supplier also admitted this.

Luckily for TSMC, its business operations and customer information were not compromised, according to a spokesperson. The TSMC spokesperson, who strangely would not share their name, said that the company has terminated its data exchange with Kinmax in accordance with its security protocols.

Contrary to what the two companies are saying, the hackers have demanded $70 million from TSMC, or otherwise they would publish the stolen data.It’s not clear how much the hackers were able to steal but Kinmax says it was just installation configuration files.

The rest

TSMC confirms partner affected by LockBit cyberattack, but there is good news

TSMC has said that it wasn't greatly affected by LockBit malware that hit one of its suppliers. Despite this, hackers have demanded a $70 million ransom, or it will leak info it claims to have.

www.neowin.net

 

[[correlate]]

National Hazard Agency, a sub-group of the LockBit ransomware gang, posted the name of Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest chip manufacturer, on LockBit’s dark web leak site on June 29, 2023.

LockBit Claims TSMC Hack, Demands $70m Ransom

If confirmed, it could be the fourth-largest ransom demand of all time

www.infosecurity-magazine.com