A notorious ransomware gang says it breached chipmaker TSMC, but the Taiwanese company says the hackers merely breached a third-party supplier.
The LockBit ransomware group posted about the hack on Thursday with screenshots of internet files supposedly stolen from the chipmaker. The gang is now demanding TSMC pay an exorbitant $70 million to avoid having the stolen files posted on the dark web.
“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit warns.
The day before, a hacker named “Bassterlord,” who’s affiliated with LockBit, also tweeted about the breach into TSMC, including other screenshots that appear to show they had internal access into a company system.
But despite the claims from LockBit and BassterLord, TSMC says the company itself was never breached. Instead, a third-party IT supplier named Kinmax Technology suffered a hack, it says.
“Upon review, this incident has not affected TSMC's business operations, nor did it compromise any TSMC's customer information,” the company told BleepingComputer. In addition, TSMC has temporarily halted all business with the IT supplier.
Kinmax, which supplies networking and cloud computing, also confirmed it experienced a breach on Wednesday. But the company notes the hackers only infiltrated a “test environment."
“The environment under attack is the engineering test area. This is the system installation environment prepared for customers,” Kinmax said in a statement. “The captured content is parameter information such as installation configuration files. However, because the company name of a specific customer is used, it has attracted the attention of cyber attack groups.”
As a result, Kinmax says no important information was stolen from TSMC. “It is only the basic setting at the time of shipment. At present, no damage has been caused to the customer, and the customer has not been hacked by it,” the company adds. So it's likely LockBit's ransomware demand will be ignored.