Cybercrime , Cybercrime as-a-service , Endpoint Security

Chipmaker Nvidia Investigating Potential Cyberattack

Lapsus$ Ransomware Group Claims Credit for Attack
Chipmaker Nvidia Investigating Potential Cyberattack

Chipmaker Nvidia has reportedly suffered a massive outage after an alleged security incident affected the company's developer tools and email systems.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

The two-day-long attack was caused by a malicious network intrusion, as first reported by The Telegraph.

"We are investigating an incident. Our business and commercial activities continue uninterrupted," Nvidia said in a statement to ISMG "We are still working to evaluate the nature and scope of the event and don't have any additional information to share at this time."

South American ransomware group Lapsus$ has claimed responsibility for the incident and claims to have exfiltrated over 1TB of proprietary data, according to a Twitter user named Soufiane Tahiri.

A spokesperson for Nvidia was not immediately available to comment.

A global company based in Santa Clara, California, Nvidia designs graphics processing units for the gaming and professional markets, as well as "system on a chip" units for the mobile computing and automotive market.

Lapsus$ Ransomed

Lapsus$ says that Nvidia performed a hackback and successfully ransomed its machines. But hackers say they had a backup and are now leaking all Nvidia employees' passwords and NTLM hashes.

ISMG was able to verify the gang's claims and spotted a Telegram channel named Lapsus$ with under 7,000 subscribers claiming to have breached the database and shared some samples of leaked data.

"To address all the rumors about how Nvidia hacked us. It's simple. Access to Nvidia employee VPN requires the PC to be enrolled in MDM (Mobile Device Management). With this, they were able to connect to a VM we use. Yes, they successfully encrypted the data. However we have a backup and it's safe," the group posted on its Telegram channel.

Lapsus$ also says it is now planning to leak the data in five different releases, as the stolen database is very large.

"On another note, if Nvidia contacts us in email and pays a fee, we will ensure the data isn't leaked," the group says. The group also claims that it is planning to leak data about the RTX and GPUS.

Lapsus$ group hit the limelight in December 2021 following a ransomware attack on websites owned by Brazil's Ministry of Health. The group claimed to have stolen and subsequently deleted around 50TB of data from the ministry’s systems.


About the Author

Prajeet Nair

Prajeet Nair

Principal Correspondent, ISMG

Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.