The recent cyberattack against Nvidia saw threat actors made away with a terabyte of sensitive data, the GPU maker has confirmed.
“We are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online,” the company said in a statement.
Nvidia did not detail the nature of files that were stolen, however LAPSUS$, the group that says it conducted the raid claims it got away 1TB of data about the company’s hardware and software - which it is now threatening to leak online unless the company pays a cryptocurrency ransom.
Leaking bits of data
To prove they mean business, the group has already leaked 19GB of stolen data, including the source code for Nvidia's framerate boosting DLSS technology.
Even though LAPSUS$ is a ransomware operator, Nvidia is saying the group did not deploy such malware on its endpoints.
"We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict," the company said.
The group rose to infamy in early January this year, when it targeted Impresa, Portugal’s biggest media conglomerate. Striking over the New Year holidays, it took down multiple Impresa websites, TV channels, as well as the website of the Expresso printed newspaper, although it claims not to be affiliated with a nation-state of any kind.
It claimed to have gained access to the company’s Amazon Web Services (AWS) infrastructure, as well as its Twitter account.
In early December 2021, the group struck the websites of Brazil’s Ministry of Health (MoH), suspending Covid-19 vaccination efforts across the country. It claimed to have stolen 50TB worth of data, before deleting them from the MoH’s servers.
- Here's our rundown of the best firewalls right now
Via: PCMag
