HQ/EMEAFind out how we can help your business
The Taiwan Semiconductor Manufacturing Corporation (TSMC) denied the LockBit 3.0 ransomware group’s hack claim and $70 million ransom demand. The affected Taiwanese organisation is one of the world’s largest chip manufacturers.
Based on reports, the alleged data leak incident occurred at a third-party supplier and contained specific initial configuration files. Moreover, statements explained that the attack did not affect the customer and operations of the company.
TSMC appeared on LockBit’s data leak website.
Earlier this week, the LockBit 3.0 ransomware group included TSMC on its dark web data leak site. This notorious extortion group revealed that they acquired confidential data of the chip-making corporation and added four screenshots to support its claim.
LockBit said it would delete the stolen information and remove the company from its list if it paid the demanded $70 million ransom. However, the ransomware group threatens to publish the stolen data if TSMC refuses to provide the ransom. The attackers will also publish the entry points into the company’s network with login credentials.
LockBit sets August 6 as the deadline for the Taiwanese company to provide the payment. They also added an extension offer for $5,000 if the company wants to extend the ransom date for a day. Lastly, LockBit said they are prepared to sell the stolen data to interested buyers at the same price they offer to TSMC.
On the other hand, a Taiwan Semiconductor Manufacturing Corporation spokesperson revealed that LockBit’s claims of a direct hack against them are untrue since their only impacted entity is their IT hardware supplier, Kinmax Technology Inc.
The spokesperson revealed that the impacted server has a compromised setup and configuration. Hence, the incident has not affected TSMC’s business operations or did not compromise any of its customers.
Furthermore, Kinmax admitted last week that their team had spotted an attack on one of its infrastructures, and the attackers have harvested some information.
Kinmax has shut down the compromised network section and systems and continues investigating the situation. A third-party security company employed by Kinmax said that the rest of the network was regular and unaffected.
