Hackers Demand $70M From TSMC, But Only Third-Party Test System Was Hit

pcmag.com:

A notorious ransomware gang says it breached chipmaker TSMC, but the Taiwanese company says the hackers merely breached a third-party supplier. 

The LockBit ransomware group posted about the hack on Thursday with screenshots of internet files supposedly stolen from the chipmaker. The gang is now demanding TSMC pay an exorbitant $70 million to avoid having the stolen files posted on the dark web. 

“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit warns.                     

The day before, a hacker named “Bassterlord,” who’s affiliated with LockBit, also tweeted about the breach into TSMC, including other screenshots that appear to show they had internal access into a company system.

But despite the claims from LockBit and BassterLord, TSMC says the company itself was never breached. Instead, a third-party IT supplier named Kinmax Technology suffered a hack, it says. 

“Upon review, this incident has not affected TSMC's business operations, nor did it compromise any TSMC's customer information,” the company told(Opens in a new window) BleepingComputer. In addition, TSMC has temporarily halted all business with the IT supplier. 

Kinmax, which supplies networking and cloud computing, also confirmed it experienced a breach on Wednesday. But the company notes the hackers only infiltrated a “test environment."

“The environment under attack is the engineering test area. This is the system installation environment prepared for customers,” Kinmax said in a statement(Opens in a new window). “The captured content is parameter information such as installation configuration files. However, because the company name of a specific customer is used, it has