An extortion group known as RansomHouse claims to have stolen 450GB of data from chipmaker AMD.
As Restore Privacy reports(Opens in a new window), RansomHouse says it breached AMD's network on Jan. 5 and exfiltrated over 450GB of data. A sample of the data was published and includes network files, system information, and passwords. Apparently breaching the network was relatively easy because the passwords used to protect it were "simple."
AMD has acknowledged the potential breach and theft, with a company representative stating, "AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway."
According to TechCrunch(Opens in a new window), who has seen some of the stolen data, RansomHouse isn't kidding about the passwords being simple. AMD employees are apparently relying on passwords such as “password,” “123456,” and “Welcome1” to secure their accounts. And we all know that's a really bad idea.
If true, it demonstrates how those employees haven't been trained or encouraged to use strong passwords, but just as importantly, AMD clearly isn't employing any security checks on their systems to ensure they do.
It's unclear what RansomHouse wants from AMD, and the company hasn't stated if a ransom demand has been received. When asked by TechCrunch about password security measures, AMD refused to comment. So for now, we simply need to wait and see what AMD's investigation discovers and what the company chooses to share publicly.
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of
Read more on pcmag.com