Cyberattack on Nvidia results in data leak, credential theft
Filing to Canada Energy Regulator by the North American Electric Reliability Corporation Regarding Revisions to NERC Rules of Procedure
March 4, 2022
ERCOT/Public Utility Commission of Texas (PUCT) Electric Service Emergency Operations Plans Due April 15, 2022
March 4, 2022
Summary:
Leading U.S. chipmaker Nvidia said a threat actor attacked its IT network, stealing employee credentials and some proprietary information, according to a company spokesperson. The company confirmed the threat actor, which it did not identify by name, has begun leaking the information online. Nvidia said it worked to harden its computer network, retained incident response experts and notified law enforcement agencies. The incident was discovered on February 23, 2022. The company said the attack was unrelated to the Ukraine war and said ransomware was not deployed. Lapsus$, a group based in Latin America, claimed last week that it attacked the company and stole more than 1 TB of data, according to VX-Underground, which collects malware source code and samples.
Additional Discussion:
Take Aways
- Nvidia is investigating a cybersecurity incident that reportedly impacted operations at the leading U.S. chipmaker in recent days.
- It has been reported that an incident may have "completely compromised" internal Nvidia systems.
- It remains unclear whether data was stolen or deleted or computer systems were merely disrupted.
Link:
