Apple supplier faces $70 million ransomware attack
Russian ransomware gang LockBit is alledgedly responsible for the cyber attack against a TSMC supplier
Add bookmarkSemiconductor manufacturer and supplier to technology company Apple, Taiwan Semiconductor Manufacturing Company (TSMC), has suffered a data breach related to a third-party ransomware attack.
The attack was launched by Russian ransomware gang, LockBit, against one of TSMC’s suppliers, Kinmax Technology. The gang confirmed the cyber attack on June 29 via a post on its dark web leak site that named TSMC as a victim. LockBit demanded the company pay them US$70 million or the gang would publish the data stolen during the attack online.
The gang also said that “in the case of payment refusal”, it will also publish “points of entry into the network and passwords and login [information]”, as well as the stolen data. LockBit, however, has not yet published firm evidence of the data it has claimed to have stolen.
The ransom demand is one of the largest ransomware demands ever made, according to cyber security researcher William Thomas.
Top 5 Highest Ransom Demands π
— Will (@BushidoToken) June 30, 2023
π Hive: MediaMarkt - $240m
π REvil: Acer - $100m
π REvil: Kaseya - $70m
π LockBit: TSMC - $70m π
π LockBit: Pendragon - $60m
Honourable mention:
π EvilCorp: CNA Financial - $40m (Paid)
An unnamed TSMC spokesperson confirmed the attack via an email to technology news site TechCrunch. In their statement, the spokesperson said that a “cyber security incident” at Kinmax Technology had led to “information pertinent to server initial setup and configuration” being leaked.
According to the spokesperson, the incident has did not affected TSMC’s business operations or lead to any TSMC’s customer information being compromised.
“After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” the spokesperson continued.
In a notice about the breach, Kinmax Technology said the cyber attack was launched against its internal testing environment, causing a data leak. The company said that information leaked “mainly consisted of system installation preparation that the Company provided to our customers as default configurations”.
Kinmax Technology said that it “would like to express our sincere apologies to the affected customers”, but did not give any information on how many of its customers were impacted by the cyber attack.