A threat actor leaked Nvidia Corp. employee credentials and some company proprietary information online after the chipmaker’s systems ended up breached in what appears like a ransomware attack.

“We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict,” the company’s spokesperson said in a statement Tuesday.

The Santa Clara, California-based company became aware of the breach on Feb. 23. The company is analyzing the leaked information and does not anticipate any disruption to the company’s business.

A ransomware group under the name “Lapsus$” reportedly claimed to be responsible for the leak and seemingly has information about the schematics, drivers and firmware, among other data, about the graphics chips.

The group claims to have stolen 1 terabyte of information, including “highly confidential/secret data” and proprietary source code.

Schneider Bold

The ransomware group is new to the scene and some researchers believe the Lapsus$ gang is based in South America, but no one really knows for sure. Others said the group looks a bit like amateurs, which could mean they are just getting their feet wet and will learn and grow into stronger and more active attackers.

At a market cap of about $600 billion, Nvidia is the most valuable chipmaker in the United States. It is known for its graphics processing units (GPU) that enhance videogaming experiences and advanced computer simulations.

“This is typical of ransomware gangs nowadays where they can still cause brand damage and steal IP without actually deploying the final ransomware payloads,” said Dr. Saumitra Das, CTO and co-Founder of Blue Hexagon. “Double and triple extortion are all part of the current playbook for these attackers. In this case, it appears that the group claims to have been able to steal IP without encrypting data. There is always a tradeoff for the attackers between encrypting data and stealing data because encryption and deletion can trigger alarms at organizations with mature security programs and take away the leverage from the attackers.”


Pin It on Pinterest

Share This