Malware
Nexperia Chipmaker Confirms Explosive Data Breach Following Ransomware Gang’s Sinister Leak
Chipmaker Nexperia suffered a cyberattack as ransomware group ‘Grief’ leaked the company’s data. The breach exposed sensitive files, including employee information. Nexperia is working closely with law enforcement and external cybersecurity experts to investigate the incident and mitigate any potential impacts on its partners and customers.
Picture this: a leading Dutch chipmaker, Nexperia, experiences a major cyber attack, forcing it to shut down its IT systems and launch an investigation to assess the damage. It’s a real-life scenario that unfolded in March 2024 when hackers breached the company’s network, and a ransomware gang claimed responsibility, leaking samples of supposedly stolen data.
Nexperia is no small fish in the tech pond. As a subsidiary of Chinese company Wingtech Technology, it operates semiconductor fabrication plants in Germany and the UK, producing a staggering 100 billion units that range from transistors and diodes to MOSFETs and logic devices. Employing 15,000 specialists and boasting an annual revenue of over $2.1 billion, this is a company that has a lot to lose.
Immediate Response and Investigation
Upon discovering the unauthorized access to its IT servers, Nexperia released a statement detailing its swift response. The company took action by disconnecting the affected systems from the internet, containing the incident, and implementing extensive mitigation measures.
It didn’t stop there, though. Nexperia enlisted the help of third-party experts and FoxIT to investigate the nature and scope of the breach. Furthermore, the company reported the incident to the police and data protection authorities in the Netherlands.
Enter Dunghill Leak
On April 10, the extortion site ‘Dunghill Leak’ announced its breach of Nexperia, claiming to have stolen a whopping 1 TB of confidential data. The site leaked samples of allegedly stolen files, including microscope scans of electronic components, employee passports, non-disclosure agreements, and more. It’s important to note, however, that the authenticity of these samples has not been confirmed by Nexperia.
So, what’s at stake? If the ransom demand isn’t met, Dunghill claims it will leak a vast array of sensitive data, such as design and product data, engineering data, commercial and marketing data, corporate data, client and user data, and various files and miscellaneous data, including email storage files. Some big-name brands like SpaceX, IBM, Apple, and Huawei are potentially at risk.
The Dark Angels Connection
Dunghill Leak is linked to the Dark Angels ransomware gang, which uses the data leak site to pressure attacked organizations into paying a ransom. In September 2023, we reported that Dark Angels breached building automation giant Johnson Controls and encrypted the company’s VMWare and ESXi virtual machines. The gang threatened to publish the stolen data on the Dunghill Leak website, but it never materialized.
As of now, the Dunghill Leak extortion site lists twelve victims, with data for eight either fully or partially released, while two are marked as ‘sold on the dark web.’
Stay Informed and Stay Protected
The Nexperia breach is yet another reminder of the importance of cybersecurity in today’s technologically driven world. By staying informed about the latest cyber threats, you can better protect yourself and your organization.
If you’re curious to learn more about cybersecurity and how it affects you, don’t hesitate to contact us. Keep coming back for more insights and updates on the ever-evolving world of cybersecurity. We’re here to help you stay safe in the digital age.