Taiwan Semiconductor Manufacturing Co (TSMC) mentioned on Friday {that a} cybersecurity incident involving one in every of its IT {hardware} suppliers has led to the leak of the seller’s firm information. TSMC is likely one of the chip provider to Apple.
In a press release to Reuters, the corporate has confirmed that its enterprise operations or buyer data weren’t affected following the cybersecurity incident at its provider Kinmax.
“TSMC has lately been conscious that one in every of our IT {hardware} suppliers skilled a cybersecurity incident which led to the leak of knowledge pertinent to server preliminary setup and configuration,” the corporate mentioned in a press release.
The chip maker was hit by LockBit group that has reportedly obtained the corporate’s delicate data which instructions 60% of the worldwide foundry market.
In accordance with William Thomas, a cyber menace intelligence researcher at Equinix (by way of TechCrunch), the gang is threatening to publish information stolen from the corporate, until the corporate pays a $70 million ransom demand. This is likely one of the largest recognized ransom calls for in historical past.
“Within the case of fee refusal, additionally might be printed factors of entry into the community and passwords and logins firm,” LockBit wrote.
Victims vary from U.S. authorities departments, UK’s telecom regulator, to power big Shell, all affected since a safety flaw was found in Progress Software program’s MOVEit Switch product final month.
The TSMC vendor breach is a component of a bigger pattern of serious safety incidents affecting numerous firms and authorities entities. TSMC mentioned it has minimize off information alternate with the affected provider following the incident.
In a press release to TechCrunch, a TSMC spokesperson confirmed {that a} “cybersecurity incident” at one of many firm’s IT {hardware} suppliers, named as Kinmax Know-how, led to the leak of “data pertinent to server preliminary setup and configuration.”
“Upon evaluate, this incident has not affected TSMC’s enterprise operations, nor did it compromise any TSMC’s buyer data. After the incident, TSMC has instantly terminated its information alternate with this involved provider in accordance with the Firm’s safety protocols and commonplace working procedures,” the spokesperson added.
(With inputs from companies)
Up to date: 30 Jun 2023, 10:26 PM IST