Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Data confirmed stolen in Microchip Technology cyber attack

Major US chipmaker Microchip Technology Incorporated has confirmed that the threat actors behind last month’s cyber attack exfiltrated employee data.

user icon Daniel Croft
Fri, 06 Sep 2024
Data confirmed stolen in Microchip Technology cyber attack
expand image

On 20 August, the company announced that a cyber attack had affected its operations and that some of its systems had been taken down to isolate the incident.

Now, Microchip Technology has confirmed that while systems are back online and manufacturing is mostly restored, it was able to confirm that employee data was exfiltrated.

“While the investigation is continuing, the company believes that the unauthorised party obtained information stored in certain company IT systems, including, for example, employee contact information and some encrypted and hashed passwords. We have not identified any customer or supplier data that has been obtained by the unauthorised party,” the company said.

============
============

“The company is aware that an unauthorised party claims to have acquired and posted online certain data from the company’s systems. The company is investigating the validity of this claim with assistance from its outside cyber security and forensic experts.”

As Microchip Technology mentioned, the attack on the company was claimed by threat actors from the Play ransomware gang.

The group said some data had already been published, but it said that if Microchip does not meet its demands, it will publish the rest.

“Private and personal confidential data, clients documents, budget, payroll, accounting, contracts, taxes, IDs, finance information and etc.,” said Play.

“For now, part of the data have been published. If there [is] no reaction, full dump will be uploaded.”

Attacks on chip manufacturers aren’t new and can have a detrimental effect on technology supply chains.

Just last year, the National Intelligence Service (NIS) of South Korea identified a North Korean hacking campaign targeting chip and semiconductor manufacturers.

The hacking campaign lasted from the middle of 2023 until early 2024 and involved attempts to compromise multiple chip manufacturers.

In at least two cases, the hackers were able to exfiltrate data in December 2023 and February 2024, respectively. In both instances, the North Korean threat actor was able to steal “product design drawings” and site photos of the targeted manufacturing facilities.

“The NIS believes the cyber attacks are part of a wider effort by North Korea to kickstart its own semiconductor industry. International sanctions restrict the sale of semiconductors to the rogue nation, while at the same time, North Korea is expanding its satellite and missile development programs – two very high-demand industries when it comes to semiconductors.

“As to the nature of the attacks, the North Korean hackers relied upon stealthy living-off-the-land techniques to evade detection on South Korean networks.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.