A masked criminal holding a key, preparing to lock a computer with ransomware.

TSMC Denies $70 Million LockBit Ransomware Attack Claims

TSMC, a well-known chipmaker, they have firmly denied any reports of a cyber event. This comes after the LockBit ransomware group made a bold claim. They requested nearly $70 million to keep the confidentiality of fraudulently stolen data.

The company has identified Kinmax Technology, a Taiwan-based company that specialises in system integration, as the compromised third-party provider. However, they have deftly withheld information about exactly what kind of data that has been compromised.

TSMC is the world’s leading company in the semiconductor manufacturing industry, has a large staff of over 65,000 professionals working for it. Additionally, its stunning annual revenue of $57 billion shows an impressive financially successful outcome.

Taiwan Semiconductor Manufacturing Company (TSMC) is known as a market leader in the semiconductor manufacturing sector on a global scale. Their broad range of products are used in a wide range of gadgets, including smartphones and high-performance computers. Additionally, the IoT, automotive systems, and a range of digital consumer gadgets are all supported by their advanced semiconductors.

On Twitter, a someone known as Bassterlord, who is thought to be affiliated with the renowned LockBit group, posted a series of screenshots. These photos clearly show stolen data from TSMC, claimed to have been stolen during a ransomware attack.

These screenshots indicated that the attacker had successfully gained considerable access to computers that were owned by TSMC. The display of email addresses, application accessibility, and the passwords for various internal systems served as proof of this.

It is possible that the attackers broke into TSMC’s security systems based on the screenshots that were shown. Along with several passwords and other vital system credentials, they looked to have gained access to important email accounts and programmes.

The previous Twitter post was eventually deleted, but the LockBit ransomware group now released a brand-new item on its data leak site that targets TSMC. They threaten to reveal the stolen material, which shockingly includes system credentials, unless you pay a hefty $70 million ransom.

TSMC's Encounter with LockBit 3.0 Extortion Threat
TSMC’s Encounter with LockBit 3.0 Extortion Threat (RestorePrivacy)

TSMC denies hacking amid third-party breach

TSMC has blamed its third-party supplier, Kinmax, for the system compromise. Kinmax, a system integrator, works with top-tier technology companies such as Hewlett-Packard, Microsoft, VMware, Cisco, and Fortinet. This devastated security breach has exposed their large client base to cyber risks.

According to TSMC spokesperson:

TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration. At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information.

The semiconductor company said that law enforcement is now involved in an ongoing cybersecurity investigation.

On June 29, Kinmax informed its clients of a security issue in its in-house testing environment. Information used to prepare for system installation has come under unauthorised access. The compromised data only concerns the most fundamental shipping parameters and has nothing to do with customer applications.

Response from Kinmax to the Data Breach Incident (RestorePrivacy)

TSMC has stopped doing business with the compromised supplier, while assuring that its systems are secure. The National Hazard Agency is prepared to provide the “points of entry” into the TSMC network, as well as the login information for those ports of entry.

The company found that hackers had stolen information on client configurations and installation instructions for systems. There is no evidence that they would be willing to pay the demanded ransom. However, the company guarantees that the stolen material will not affect its business operations and does not jeopardize customer data.

Phishing Tackle offers a free 14-day trial to help train your users to avoid these types of attacks and test their knowledge with simulated attacks using various attack vectors. By focusing on training your users to spot these types of attacks, rather than relying solely on technology, you can ensure that your organisation is better prepared to defend against cyber threats and minimise the impact of any successful attacks.

Recent posts