TSMC subjected to US$70 million blackmail demand

TSMC subjected to US$70 million blackmail demand

News |
By Peter Clarke

Cette publication existe aussi en Français

A ransomware group linked to Russia has threatened leading foundry TSMC with leaking private data unless it pays US$70 million, according to reports.

It is uncertain whether the group – which goes by the name LockBit – has any data but on June 29 a local IT services provider Kinmax Technologies Inc. (Hsinchu, Taiwan) acknowledged that it has been hacked and had suffered a data leak.

This was the same day when the blackmail threat against TSMC was published. Initially TSMC was given seven days in which to pay but dark-web screen grabs show that deadline has been extended to August 6. “In the case of payment refusal, also will be published points of entry and passwords and logins company. All available data will be published,” LockBit wrote.

Kinmax provides IT consulting, planning, construction, system integration and maintenance services. It is therefore heavily involved with its customers.

Kinmax says sorry

Kinmax said in statement: “On the morning of June 29, 2023, the company discovered that in the company’s internal specific test environment, it was attacked by an external group and retrieved relevant information. On the same day, we completed the notification and apologized to the customer, and at the same time invited a third-party information security team to work with the customer to do damage control.”

Kinmax also said that; “The above information has nothing to do with the actual application of the customer, it is only the basic setting at the time of shipment. At present, no damage has been caused to the customer, and the customer has not been hacked by it.”

Kinmax added the matter has been reported to the authorities and is now the subject of a criminal investigation.

TSMC has reportedly acknowledged that one of its IT hardware suppliers has suffered a cybersecurity incident which led to a leak of information about the initial setup and configuration of servers. A spokesperson is quoted saying: “Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information.”

The semiconductor sector with its raised profile and heavy reliance on IT services is becoming increasingly a target for ransomware attacks.

Related links and articles:

News articles:

US$250 million ‘negative impact’ at Applied linked to cyberattack

ASML admits Chinese data theft may have broken export controls

Cyberattack will impact Tower’s 3Q results

If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News


Linked Articles