TSMC blames integrator for hack

Chipmaker has ceased sharing data with Kinmax Technology

TSMC blames integrator for hack

Image:
TSMC blames integrator for hack

LockBit has demanded $70 million from TSMC to not post stolen data on its dark web site.

Taiwanese chip giant TSMC confirmed it suffered impacts from a data breach Friday, which the contract manufacturer blamed on a cyberattack against a system integrator that had supplied the company with hardware.

TSMC, a key supplier to Apple, says that its breach stemmed from an earlier attack against Kinmax Technology, which had supplied TSMC with hardware.

In an unsigned statement provided to CRN, TSMC said its business operations and customer data were not impacted in the attack, which the chipmaker said derived from an attack against Taiwan-based system integrator Kinmax Technology.

TSMC acknowledged the breach after LockBit, a prolific Russian-speaking cybercriminal group, disclosed on its dark web site Thursday that it has acquired TSMC data.

LockBit threatened to publish the data unless it receives a $70 million payment. That amount is tied for the fourth-largest ransom demand to date, according to Equinix's William Thomas.

The cybercrime group also threatened to post "points of entry into the [TSMC] network" along with passwords if it's not paid the extortion demand by a deadline of 6th August.

TSMC — which stands for Taiwan Semiconductor Manufacturing Company — is the world's largest semiconductor foundry by far. The company's biggest and highest-profile client is Apple, and the manufacturer has long produced key chips for Apple devices, including the iPhone.

Leak of information

TSMC said in its statement on Friday that "one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration.

"Upon review, this incident has not affected TSMC's business operations, nor did it compromise any [of] TSMC's customer information."

TSMC provided a separate letter that it said was from Kinmax Technology, which indicates the attack was discovered on Thursday morning.

At that point, Kinmax "discovered that our internal specific testing environment was attacked, and some information was leaked," according to the letter from Kinmax.

"The leaked content mainly consisted of system installation preparation that the company provided to our customers as default configurations."

Kinmax has elsewhere identified itself as a Taiwan-based system integrator that focuses on IT segments including networking, cloud, storage and cybersecurity.

A Kinmax executive declined to disclose to TechCrunch how many customers were affected by the attack.

Kinmax said on its website that it partners with a number of major tech vendors including Hewlett Packard Enterprise, Microsoft, Cisco, VMware, NetApp and Nvidia.

TSMC said in its statement that it has "terminated its data exchange with this concerned supplier," and noted that the incident remains under investigation, with law enforcement now involved.

In the chip foundry market, TSMC boasted market share of 60.1% during the first quarter of the year, well above the 12.4% share of number two 2 foundry Samsung, according to chip research firm TrendForce.

This article was first published on CRN.