South American hackers, LAPSUS$, were able to get a hold of Nividia proprietary data. This was confirmed by the company. Data and source code of the Graphics Processing Units company’s products were extracted.
“We are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online,” an official from Nvidia said on Wednesday. “Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”
Key Points
- Employee credentials were stolen and leaked.
- Malicious malware was not deployed.
- Source codes and data from Nvidia drivers, LHR, and more, have also been leaked.
Nvidia’s Bad Luck Continues
In 2020, Nividia was on the receiving end of the the Russian-backed SolarWinds hack. Pair the new LAPSUS$ hack along with budding and rising competition in the space, Nividia is not in the best spot. Intel is releasing their new Bonanza mining chip, reported to be much more efficient and deliver better performance than SHA-256 based mining GPUs.
What About Nvidia Customers
A threat intelligence specialist, CyberKnow on Twitter, reported that a counter hack was attempted by Nvidia, this means that the data is highly valuable, including compromised employee passwords, and source code. It is reported that Nvidia was not successful in their counter hack as LAPSUS$ backed up all of the data.
Regardless of the outcome, the reverberations of this hack will be felt with government clampdown or the sale of the compromised information to adversary’s and competitors.
It appears that Nvidia has until Friday to adhere to LAPSUS$ demands, and as of this, LAPSUS$ says they are still waiting.
