Apple chip supplier Taiwan Semiconductor Manufacturing Company (TSMC) recently suffered a data breach, reports TechCrunch. TSMC fabricated all of the A-series and M-series chips used to power Apple devices.
The data was stolen from Kinmax Technology, a TSMC partner company that provides IT services like networking, cloud computing, storage, and database management. Kinmax on Thursday told TSMC that its “internal specific testing environment was attacked,” leading to the leak of “system installation preparation.”
A TSMC spokesperson told TechCrunch said that a “cybersecurity incident” caused data “pertinent to server initial setup and configuration” to leak. TSMC assured the publication that customer information has not been impacted.
“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information. After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures.”
The LockBit ransomware gang’s website listed TSMC data on Thursday. The gang is demanding $70 million from the chipmaker to prevent it from publishing the stolen data. TSMC is just the latest victim of LockBit, which has attacked the UK’s Royal Mail, U.S. government websites, pharmaceutical companies, and others.
This is one of the largest known ransom demands in history, according to Equinix cyber threat intelligence researcher William Thomas.
LockBit says that if TSMC does not pay up, it will also publish passwords and logins.
Kinmax also partners with other companies, which include Microsoft, Cisco, and VMware. It is not yet known if those companies were also affected by the breach.
