TSMC confirms supplier data breach following ransom demand by Russian-speaking cybercriminal group
By Sean Lyngaas, CNN
(CNN) — Taiwanese semiconductor giant TSMC confirmed Friday that one of its hardware suppliers was hacked and had data stolen from it, but said the incident had no impact on business operations.
Confirmation of the breach came after Russian-speaking cybercriminals claimed TSMC as a victim on Thursday and demanded an extraordinary $70 million ransom from the semiconductor firm.
There were no signs that TSMC or the hardware supplier, Taiwanese firm Kinmax, had any plans to pay the hackers (representatives from both companies didn’t respond to CNN’s questions about any ransom).
TSMC — one of the world’s largest chipmakers and a key supplier to Apple (AAPL) — was quick to assure investors and the public that the hack had no impact on its operations and that it did not compromise its customers’ data.
“After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” TSMC said in a statement to CNN.
The hackers accessed Kinmax’s internal “testing environment” for the technology it prepares to deliver to customers, Kinmax said in a statement distributed by TSMC.
“The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations,” Kinmax said. The company apologized to customers whose names may show up in the leaked data.
Ransomware groups are known to exaggerate the value of the data they steal and make outlandish demands that are never met.
LockBit is the name of the group claiming responsibility for the hack of the TSMC supplier and the type of ransomware they use. LockBit ransomware was the most deployed ransomware around the world in 2022, according to US cybersecurity officials.
Jon DiMaggio, an executive at security firm Analyst1 who has studied LockBit extensively, said the hackers will likely publish the stolen data or sell it if TSMC refuses to negotiate a ransom.
For years, American officials and Taiwanese cybersecurity experts have looked to fortify the island’s infrastructure in the face of hacking threats.
Taiwan’s chip industry is critical to the global hardware supply chain, making any potentially impactful cyberattacks on it a concern for government officials and business executives around the world.
While the TSMC-related hacking incident doesn’t appear to have been impactful, a separate ransomware attack in 2020 on Taiwan’s state-run energy company temporarily disrupted some customers’ ability to pay for gas with company cards, according to local media reports at the time.
The-CNN-Wire
™ & © 2023 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.