Nvidia Admits Hackers Stole Employee and Internal Data

Nvidia has released more details of an apparent ransomware attack on its networks, admitting that internal data has been taken.

The US chip giant had previously given little away, saying only that its “business and commercial activities continue uninterrupted” while it investigated the attack, which was first reported last week.

However, a new statement has gone further.

“Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement,” the Nvidia statement revealed.

“We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online.”

The group in question is thought to be the Lapsus ransomware gang, which is claiming to have 1TB of Nvidia data in its possession.

According to screenshots on Twitter, the group is also claiming to have “complete silicon, graphics and computer chipset files for all recent Nvidia GPUs,” and threatened to leak information on the company’s Lite Hash Rate (LHR) technology.

This was introduced to graphics cards to limit their use in cryptocurrency mining, so any leak of this proprietary tech could have major repercussions in the crypto-mining space, assuming the hackers are not bluffing.

There was no word from Nvidia on whether it had “hacked back” at the group following the breach, as Lapsus claimed.

The threat actors said Nvidia had used the mobile device management connection used by the group to access an employee VPN, in order to target and encrypt its data. However, they claimed to have offline backups.

Nvidia has released more details of an apparent ransomware attack on its networks, admitting that internal data has been taken.

The US chip giant had previously given little away, saying only that its “business and commercial activities continue uninterrupted” while it investigated the attack, which was first reported last week.

However, a new statement has gone further.

“Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement,” it revealed.

“We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online.”

The group in question is thought to be the Lapsus ransomware gang, which is claiming to have 1TB of Nvidia data in its possession.

According to screenshots on Twitter, the group is also claiming to have “complete silicon, graphics and computer chipset files for all recent Nvidia GPUs,” and threatened to leak information on the company’s Lite Hash Rate (LHR) technology.

This was introduced to graphics cards to limit their use in cryptocurrency mining, so any leak of this proprietary tech could have major repercussions in the crypto-mining space – assuming the hackers are not bluffing.

There was no word from Nvidia on whether it had “hacked back” at the group following the breach, as Lapsus claimed.

The threat actors said Nvidia had used the mobile device management connection used by the group to access an employee VPN, in order to target and encrypt its data. However, they claimed to have offline backups.

What’s Hot on Infosecurity Magazine?