The email addresses and passwords of more than 71,000 NVIDIA employees were likely stolen in a recent cyberattack and are now circulating within underground communities
On February 23, hackers managed to compromise NVIDIA’s network and steal not only employee credentials but also proprietary information.
The Lapsus$ ransomware gang, which claimed responsibility for the attack and apparently asked the chip maker to pay $1 million for the stolen data, started leaking the compromised information over the weekend, saying the move was retaliation to NVIDIA’s alleged attempt to hack them back.
Earlier this week, the company confirmed that sensitive data was stolen in the incident, but provided no details on the number of impacted individuals or the manner in which its network was breached.
According to data breach monitoring website Have I Been Pwned, however, the hackers managed to exfiltrate the credentials of roughly 71,300 NVIDIA employees.
The attackers stole email addresses and NTLM password hashes, and were subsequently able to crack many of these, after which they made them available to other hacking community members.
As part of the incident, the hackers also appear to have stolen two expired code signing certificates.
According to Rochester Institute of Technology researcher Bill Demirkapi, “Windows still allows them to be used for driver signing purposes.”
Nvidia DataBreach: Response
The giant said: “We do not anticipate any disruption to our business or our ability to serve our customers as a result of this incident.” The hacking group said that the giant was able to encrypt one of the computers of the hacking group when they were extracting data.
Nvidia doesn’t believe that the attack has any relation to the recent political conflicts between Russia and Ukraine. The hacker group has also denied any political affiliation. “We have no evidence of ransomware being deployed in the Nvidia environment or that this is related to the Russia-Ukraine conflict.”
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- UK: NCSC publishes new cybersecurity guidance for online retailers - 22 September 2022
- How to request a CVE: From vulnerability discovery to disclosure - 21 September 2022
- Rockstar confirms hack after Grand Theft Auto 6 leak - 19 September 2022