The LockBit ransomware gang has asserted that they infiltrated Taiwan Semiconductor Manufacturing Company (TSMC), but the chip giant has declared that only one of its suppliers was compromised.
The notorious cybercrime organization declared on Thursday via their website that they had targeted TSMC, implying – based on the $70 million ransom demand – that they have pilfered a large number of confidential details. The victim was initially given seven days to react, but the time limit has since been extended to August 6 (at the moment of writing).
TSMC recently became aware of an IT hardware supplier’s cybersecurity incident, which resulted in the compromise of initial server setup and configuration information. The company has conducted a thorough review and confirmed that the incident has not disrupted business operations or customer data. TSMC has also implemented security protocols and terminated data exchange with the supplier in question. They remain committed to boosting supplier security awareness and ensuring compliance with security standards.
This incident is currently being investigated by a law enforcement agency. The supplier, Kinmax Technology, is based in Taiwan and specializes in networking, cloud computing, storage, security and database management. It lists major brands such as Cisco, HPE, Microsoft, Citrix, VMware and Nvidia among its partners.
On June 29, Kinmax detected a breach in their internal testing environment, leading to the leakage of certain information. They have released a statement in response.
TSMC’s swift action in the face of this incident demonstrates their dedication to protecting customer information and data security. They are working closely with the law enforcement agency to better understand what happened and resolve the issue.
Here at Oxy Networks we specialise in helping avoid breaches of this nature which can be avoided with planning and a steadfast approach to securing networks.