Hackers Demand $70M From TSMC, But Only Third-Party Test System Was Hit

A notorious ransomware gang says it breached chipmaker TSMC, but the Taiwanese company says the hackers merely breached a third-party supplier. 

The LockBit ransomware group posted about the hack on Thursday with screenshots of internet files supposedly stolen from the chipmaker. The gang is now demanding TSMC pay an exorbitant $70 million to avoid having the stolen files posted on the dark web

“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit warns.                     

LockBit site


(Credit: LockBit)

The day before, a hacker named “Bassterlord,” who’s affiliated with LockBit, also tweeted about the breach into TSMC, including other screenshots that appear to show they had internal access into a company system.

But despite the claims from LockBit and BassterLord, TSMC says the company itself was never breached. Instead, a third-party IT supplier named Kinmax Technology suffered a hack, it says. 

“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information,” the company told(Opens in a new window) BleepingComputer. In addition, TSMC has temporarily halted all business with the IT supplier. 

Kinmax, which supplies networking and cloud computing, also confirmed it experienced a breach on Wednesday. But the company notes the hackers only infiltrated a “test environment.”

Recommended by Our Editors

“The environment under attack is the engineering test area. This is the system installation environment prepared for customers,” Kinmax said in a statement(Opens in a new window). “The captured content is parameter information such as installation configuration files. However, because the company name of a specific customer is used, it has attracted the attention of cyber attack groups.” 

As a result, Kinmax says no important information was stolen from TSMC. “It is only the basic setting at the time of shipment. At present, no damage has been caused to the customer, and the customer has not been hacked by it,” the company adds. So it’s likely LockBit’s ransomware demand will be ignored.

SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.”,”first_published_at”:”2021-09-30T21:22:09.000000Z”,”published_at”:”2022-03-24T14:57:33.000000Z”,”last_published_at”:”2022-03-24T14:57:28.000000Z”,”created_at”:null,”updated_at”:”2022-03-24T14:57:33.000000Z”})” x-show=”showEmailSignUp()” class=”rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 mt-8 container-xs” readability=”31.423799582463″>

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Facebook Comments Box

Hits: 0