When a well-known tech company gets hacked, it’s noteworthy. GPU manufacturer Nvidia was hacked last week, leading to a group of cybercriminals now taking responsibility and leaking some of the stolen data.
Hackers Steal Nvidia Data
Nvidia admitted that sensitive data was stolen during a cyberattack. The company first became aware of the crime last week and promptly notified law enforcement and hired cybercrime experts to help it respond.
“We are aware that the treat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online,” said Nvidia in a statement.
Some have noted that the attack took place the day before Russia invaded Ukraine and speculated on a connection. However, Nvidia said there is “no evidence that this is related to the Russia-Ukraine conflict.”
With Nvidia being the most valuable U.S. chipmaker and well-known in the gaming community, it’s easy to see how it became a target.
Hackers Start Leaking Nvidia Data
Nvidia hasn’t specified what data was stolen, but a ransomware group posted to Telegram and took responsibility. “We hacked Nvidia,” wrote the hackers. “The hack is kinda public atm.”
The group, identifying themselves as “LAPSUS$” went on to say they had access to Nvidia’s systems for about a week and claimed they stole 1TB of data from Nvidia. “We grabbed the most important stuff, schematics, driver, firmware, etc.”
LAPSUS$ stated they were waiting for Nv. idia to contact them, then said they are selling “a full LHR V2 (GA102-GA104)” if they aren’t contacted by Nvidia..
After publishing a download link, LAPSUS$ said, “We decided to help mining and gaming community, we want nvidia to push an update for all 30 series firmware that remove every lhr limitations otherwise we will leak hw folder.”
LAPSUS$’s first known attack was in December when it attacked Brazil’s Ministry of Health. It got away with 50TB of data, which included vaccination information from the country’s citizens. It has also targeted Impresa, a Portuguese media group, and Claro and Embratel, South American telecom providers.
Nvidia is analyzing the info that was stolen. “Some researchers believe the gang is based in South America, but I’m not sure how solid the evidence is pointing to that,” said Emsisoft threat analyst Brett Callow. “So far they appear to be somewhat amateurish, which could indicate that the individuals involved are not experienced cybercriminals.”
“Security is a continuous process that we take very seriously at Nvidia – and we invest in the protection and quality of our code and products daily,” explained a Nvidia spokesperson.
Wondering how much your hacked info is worth? Read on to find out.
Our latest tutorials delivered straight to your inbox