Taiwan Semiconductor Manufacturing Co (TSMC) said on Friday that a cybersecurity incident involving one of its IT hardware suppliers has led to the leak of the vendor’s company data. TSMC is one of the chip supplier to Apple.Â
In a statement to Reuters, the company has confirmed that its business operations or customer information were not affected following the cybersecurity incident at its supplier Kinmax.
“TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration,” the company said in a statement.
The chip maker was hit by LockBit group that has reportedly obtained the company’s sensitive information which commands 60% of the global foundry market.
According to William Thomas, a cyber threat intelligence researcher at Equinix (via TechCrunch), the gang is threatening to publish data stolen from the company, unless the company pays a $70 million ransom demand. This is one of the largest known ransom demands in history.
“In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,” LockBit wrote.Â
Victims range from U.S. government departments, UK’s telecom regulator, to energy giant Shell, all affected since a security flaw was discovered in Progress Software’s MOVEit Transfer product last month.
The TSMC vendor breach is part of a larger trend of significant security incidents affecting various companies and government entities. TSMC said it has cut off data exchange with the affected supplier following the incident.
In a statement to TechCrunch, a TSMC spokesperson confirmed that a “cybersecurity incident” at one of the company’s IT hardware suppliers, named as Kinmax Technology, led to the leak of “information pertinent to server initial setup and configuration.”
“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information. After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” the spokesperson added.
(With inputs from agencies)
Download The Mint News App to get Daily Market Updates & Live Business News.
Updated: 30 Jun 2023, 10:26 PM IST