Data Breach Confirmed by TSMC-Apple Chip Supplier, Hackers Demand $70 Million Ransom

                                      

www.quantumipl.com

Data Breach

Confirmed by TSMC-Apple Chip Supplier,

Hackers Demand $70 Million Ransom

The Taiwan Semiconductor Manufacturing Company (TSMC), a key chip supplier for Apple, has confirmed a data breach, while hackers known as the LockBit group claim to have obtained sensitive information from the company. This incident echoes a previous attack on TSMC by the WannaCry ransomware five years ago, which caused a production shutdown. The hackers are now demanding a ransom of $70 million, setting a deadline of August 6th, and have threatened to publicly disclose all stolen information if their demands are not met.

TSMC has identified the security breach as originating from one of its IT hardware suppliers, resulting in the theft of significant information. The hackers have demanded a hefty ransom of $70 million. However, after conducting a thorough investigation, TSMC has assured stakeholders that its business operations remain unaffected and customer data remains secure.

In an official statement, TSMC acknowledged the cybersecurity incident, stating, "TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident, which led to the leak of information pertinent to server initial setup and configuration." The company emphasized that all hardware components undergo rigorous checks and adjustments, including security configurations, before being integrated into its systems. TSMC has determined that the incident has not compromised any customer information or impacted its day-to-day operations.

In adherence to its security protocols and standard operating procedures, TSMC has severed all data exchange with the involved supplier in response to the breach.

The attack also affected Kinmax Technology, a Taiwanese systems integrator specializing in networking, storage, database management, and security services. Kinmax collaborates with multinational corporations such as Cisco, HPE, Microsoft, Citrix, VMware, and Nvidia. According to Kinmax, the breach occurred within their internal testing environment, resulting in the leakage of some information. The compromised data primarily consisted of default setup instructions that the company provides to its clients.

Kinmax has expressed its apologies for any inconvenience caused to customers whose names were included in the leaked data. The company has since implemented enhanced security measures to prevent similar incidents in the future.

It is an unfortunate incident for TSMC and its supplier, highlighting the ongoing challenges in ensuring cybersecurity and safeguarding sensitive information in the technology industry. Both companies are working diligently to address the breach, mitigate risks, and fortify their defences against future attacks.

for VLSI & EMBEDDED based design and training please contact www.quantumipl.com