The LockBit ransomware group claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC), but the chip giant says only one of its suppliers was breached.
The notorious cybercrime group announced on Thursday on its website that it targeted TSMC, suggesting — based on the $70 million ransom demand — that it has stolen vast amounts of sensitive information. The victim was initially given seven days to respond, but the deadline has been extended to August 6 at the time of writing.
Contacted by SecurityWeek, TSMC said it was recently made aware that one of its IT hardware suppliers had experienced a cybersecurity incident that led to information related to initial server setup and configuration being compromised.
“At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information,” TSMC said.
It added, “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures. TSMC remains committed to enhancing the security awareness among its suppliers and making sure they comply with security standards. This cybersecurity incident is currently under investigation that involves a law enforcement agency.”
The impacted supplier is Taiwan-based Kinmax Technology, a systems integrator specialized in networking, cloud computing, storage, security and database management. The company claims on its website that its partners include major firms such as Cisco, HPE, Microsoft, Citrix, VMware and Nvidia.
In a statement issued on Friday, Kinmax said it discovered on June 29 that its “internal specific testing environment” had been breached and that “some information was leaked”.
“The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations,” Kinmax explained. “We would like to express our sincere apologies to the affected customers, as the leaked information contained their names which may have caused some inconvenience. The company has thoroughly investigated this incident and implemented enhanced security measures to prevent such incidents from occurring in the future.”
The notorious WannaCry malware caused significant disruptions in TSMC factories back in 2018.
Related: Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack
Related: British Manufacturing Firm Morgan Advanced Materials Investigating Cyberattack
Related: U.S. Semiconductor Maker MaxLinear Discloses Ransomware Attack