The chipmaker giant Nvidia was recently the victim of a cyber attack that impacted some of its systems for two days. The security breach is not connected to the ongoing crisis in Ukraine, according to a person familiar with the incident.
The incident also impacted the company’s developer tools and email systems, but business and commercial activities were not affected.
“Our business and commercial activities continue uninterrupted,” Nvidia said in a statement. “We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.”
The Lapsus$ ransomware gang is claiming responsibility for this attack, the group announced to have stolen 1 TB of data from Nvidia’s network. The ransomware gang leaked online around 20GB of data, including credentials for all Nvidia employees.
The company launched an investigation into the incident to determine the extent of the intrusion that confirmed that the attackers have stolen data from the chipmaker.
NVIDIA said employee credentials and proprietary information were stolen during a cyberattack they announced on Friday.
The chipmaker giant discovered the intrusion on February 23, the attack also impacted its IT resources.
“Access to NVIDIA employee VPN requires the PC to be enrolled in MDM (Mobile Device Management). With this they were able to connect to a [virtual machine] we use. Yes they successfully encrypted the data,” the group claimed in a subsequent message.” the LAPSU$ ransomware gang wrote on its Telegram change. “However we have a backup and it’s safe from scum! We are not hacked by a competitors groups or any sorts.”
Below is the statement shared by NVIDIA with some websites and published by BleepingComputer.
“On February 23, 2022, NVIDIA became aware of a cybersecurity incident which impacted IT resources. Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement.” reads the statement. “We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, NVIDIA)