Scroll Top

Taiwan semiconductor denies LockBit’s hack claim, asserts Third-Party supplier’s data leak


Taiwan semiconductor denies LockBit’s hack claim, asserts Third-Party supplier’s data leak
TSMC clarifies data leak only impacted initial setup files, no customer information compromised

Taiwan Semiconductor Manufacturing Co. (TSMC), the world’s largest chip manufacturer, has refuted the hack claim and $70 million ransom demand made by the LockBit 3.0 ransomware gang. TSMC clarified that the data leak occurred at a third-party supplier, Kinmax Technology Inc., and was limited to certain initial configuration files. The company assured stakeholders that customer information and operations remained unaffected.

In a recent development, the LockBit 3.0 ransomware gang included TSMC in its dark web leak site, asserting possession of confidential data belonging to the chip-making giant. To substantiate their claim, the extortionist group shared four screenshots as evidence.

LockBit demanded a ransom of $70 million from TSMC and offered to delete the leaked data and remove the company listing from the leak site upon payment. However, in the event of refusal, the gang threatened to publish the compromised data, along with entry points and login credentials to TSMC’s network. The ransom deadline was set for August 6, with an option to extend it by 24 hours for an additional $5,000.

A spokesperson from TSMC debunked the claims of a direct hack into their IT systems, clarifying that the data leak affected Kinmax Technology Inc., an IT hardware supplier. The leaked information pertained to server initial setup and configuration, unrelated to TSMC’s business operations or customer information.

Kinmax Technology Inc. confirmed that it had detected an attack on one of its test environments, resulting in the unauthorized extraction of relevant information. The compromised data primarily consisted of parameter information, such as installation configuration files, which were solely related to the initial shipment setup and held no impact on customer applications.

Following the incident, Kinmax shut down the affected network section and engaged an undisclosed third-party cybersecurity company to assess the situation and support incident response. The investigation determined that the rest of the network remained uncompromised. Kinmax assured stakeholders that the company’s operations had not suffered significant losses, and a criminal investigation had been initiated.

As part of its security protocols and standard operating procedures, TSMC promptly terminated data exchange with Kinmax and emphasized its commitment to enhancing security awareness among suppliers to ensure compliance with security standards.

Ransomware attacks have seen a significant surge in recent months, with LockBit 3.0 being one of the most active threat actors. The group accounted for 78 known victims in May alone, making it responsible for 18% of all known ransomware incidents in that month. Another emerging player in the ransomware landscape is 8Base, which has targeted nearly 80 organizations since March 2022, posing a notable challenge to LockBit’s dominance.

TSMC’s swift response to clarify the origin and limited impact of the data leak highlights the importance of transparency and collaborative efforts in addressing cyber threats. As the threat landscape evolves, organizations must remain vigilant, fortify their security measures, and foster partnerships to effectively mitigate risks and safeguard critical data.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.