LockBit claims to have hacked the Taiwanese company TSMC and now wants a ransom of 70 million dollars. The group is the third largest chip manufacturer in the world. TSMC replies that only a small supplier was caught.
On the LockBit 3 leak page you can still see the leak that the Taiwanese company TSMC was hacked and data was stolen. The APT group demands a ransom of 70 million dollars for the data or wants to publish it on the Internet. The group is probably demanding the highest ransom that has ever been demanded.
Not TSMC but a hardware supplier
🔎 LockBit is of the opinion that it has captured TSMC data - but it is probably only data from a hardware supplier (Image: B2B-CS).
gegenüber BleepingComputer said a TSMC spokesman. It is not an attack on TSMC systems, but on the systems of Kinmax Technology - one of TSMC's IT hardware suppliers. Kinmax Technology is said to have already reported an incident in which data was probably also stolen. According to TSMC, the provider is responsible for the initial setup and configuration of servers. However, TSMC assures that every hardware component goes through a series of security checks before being installed in TSMC's system.
TSMC has not only confirmed that its systems have not been impacted in any way, but has also stopped working with the affected supplier until the situation is resolved. Finally, the semiconductor company informed the online portal BleepingComputer that the investigation into the cyber security incident is still ongoing and that a law enforcement agency is also involved.
Kinmax Technology reports on the incident
On the website of Kinmax Technology the following is reported: “On the morning of June 29, 2023, the company found that it was attacked by an external group in the company's internal specific test environment and relevant information was retrieved. On the same day we completed the notification and apologized to the customer. At the same time, we invited an external information security team to work with the customer to mitigate the damage.
The attacked environment is the technical test area. This is the system installation environment prepared for customers. The captured content is parameter information such as installation configuration files. The customer’s company name (TSMC) gave the cyber attackers hope that they could use this to obtain sensitive customer information.”
Since Kinmax Technology isn't even remotely the size of TSMC, the request won't be complied with - even if you might have wanted to. There are currently over 30 days left on the countdown timer. On 06 Aug, 2023 09:16:35 UTC should be the moment of truth - at least according to LockBit 3.