Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest contract chipmaker, has confirmed that it suffered a data breach after being listed as a victim of the LockBit ransomware gang.
The Russia-linked LockBit ransomware gang listed TSMC on its dark web leak site on Thursday. The gang is threatening to release stolen data from the company, which accounts for 60% of the global foundry market, unless the company pays a $70 million ransom demand. This is one of the largest known ransom demands in history, according to William Thomas, a cyber threat intelligence researcher at Equinix.
LockBit writes: “In the event of a payment refusal, the network access points as well as the company’s password and login information will also be disclosed.” The gang has not provided any evidence of the data it allegedly stole.
In a statement issued to TechCrunch, a spokesperson for TSMC – who sent emails from a joint press email account and repeatedly declined to give their names – confirmed that a “cybersecurity incident” at one of the company’s IT hardware suppliers, named Kinmax Technology, resulted in the leak of “information regarding the server’s initial setup and configuration.”
“After review, this incident did not affect TSMC’s business, nor did it compromise any TSMC customer information,” the spokesperson added. “Following the incident, TSMC immediately terminated data exchange with this relevant supplier in accordance with the Company’s standard operating procedures and security protocols.”
TSMC shared a copy of the communication it received from Kinmax Technology, an IT consulting and services organization specializing in networking, cloud computing, storage, security, and database management.
“The morning of June 29, 2023, the Company discovered that our specific internal test environment was hacked and some information was leaked,” Kinmax said in its announcement. “The leaked content mainly consisted of the process of preparing the system installation, which the Company provided to our customers as the default configuration.”
Kinmax added that it “would like to express its sincere apologies to the affected customers,” indicating that TSMC is not the only one of its partners affected by the incident.
Eric Huang, vice president of Kinmax Technology, declined to say how many of its customers were affected.
On its website, Kinmax claims that its partners include companies like HPE, Cisco, Microsoft, Citrix, and VMware. None of these listed organizations responded to TechCrunch’s questions and it is not known if they were affected by the incident.
This latest breach comes just weeks after the US Department of Justice announced that it had arrested and charged a Russian citizen for his alleged role in multiple LockBit ransomware attacks against victims in the United States and around the world. On the same day this arrest was announced, LockBit announced a ransomware attack on Indian pharmaceutical giant Granules India.