American semiconductor provider Microchip Know-how Integrated has confirmed that worker info was stolen from programs compromised in an August cyberattack, which was later claimed by the Play ransomware gang.
Headquartered in Chandler, Arizona, the chipmaker has round 123,000 prospects from a number of trade sectors, together with industrial, automotive, client, aerospace and protection, communications, and computing markets.
On August 20, Microchip Know-how disclosed that operations at a number of manufacturing amenities had been affected by a cyberattack found on August 17. The incident impacted the corporate’s capacity to satisfy orders and compelled it to close down a few of its programs and isolate the affected ones to include the breach.
In a Wednesday submitting with the U.S. Securities and Change Fee, Microchip Know-how revealed that its operationally essential IT programs at the moment are again on-line, with operations “considerably restored” and the firm processing buyer orders and delivery merchandise for over per week.
Microchip Know-how added that the attackers had stolen some worker information from its programs but it surely has but to seek out proof that buyer info was additionally exfiltrated through the breach.
“Whereas the investigation is constant, the Firm believes that the unauthorized occasion obtained info saved in sure Firm IT programs, together with, for instance, worker contact info and a few encrypted and hashed passwords. We now have not recognized any buyer or provider information that has been obtained by the unauthorized occasion,” Microchip Know-how stated.
“The Firm is conscious that an unauthorized occasion claims to have acquired and posted on-line sure information from the Firm’s programs. The Firm is investigating the validity of this declare with help from its outdoors cybersecurity and forensic specialists.”
Assault claimed by Play ransomware
Microchip Know-how continues to be evaluating the extent and impression of the cyberattack with assist from exterior cybersecurity specialists. It is also nonetheless restoring IT programs that had been impacted within the incident. Regardless of nonetheless engaged on restoration after the assault, the corporate says it has been processing buyer orders and delivery merchandise for over per week.
Despite the fact that Microchip Know-how continues to be investigating the character and scope of the cyberattack, the Play ransomware gang claimed duty on August 29, when it added the American chipmaker to its information leak web site on the darkish net.
They claimed to have stolen a variety of knowledge from Microchip Know-how’s compromised programs, together with “non-public and private confidential information, shoppers paperwork, finances, payroll, accounting, contracts, taxes, IDs, finance info,” and extra.
The ransomware gang has since partially leaked the allegedly stolen information and threatened to leak the remainder of it if the corporate does not react to the leak.
Play ransomware emerged in June 2022, with preliminary victims in search of assist by means of BleepingComputer’s boards. Play operators steal delicate information from compromised programs to make use of in double-extortion schemes, placing stress on victims to pay a ransom in the event that they wish to keep away from having their information leaked on-line.
Notable Play ransomware victims embody cloud computing firm Rackspace, automobile retailer big Arnold Clark, the Belgian metropolis of Antwerp, the Metropolis of Oakland in California, and, most just lately, Dallas County.
In collaboration with CISA and the Australian Cyber Safety Centre (ACSC), the FBI additionally issued a joint advisory in December warning that this ransomware group had breached round 300 organizations globally as of October 2023.