AMD held to ransom by gang that claims 450GB of data has been stolen
Semiconductor giant AMD says that it is investigating what claims to be a major data breach of its network, that saw a group of online criminals steal 450GB of data from its systems.
The RansomHouse group, a relatively new player on the data extortion scene, claims that AMD was attacked earlier this year, exploiting the company's poor password practices.
As Restore Privacy describes, RansomHouse teased its followers on Telegram on June 20 that it had hacked a major company, asking them to guess who they thought the victim might have been... before revealing AMD's identity a few days later.
According to the gang, networks at AMD were protected with "simple passwords" including:
"It is a shame those are real passwords used by AMD employees," writes RansomHouse on its data leak site hosted on the dark web. "But a bigger shame to AMD Security Department which gets significant financing according to the documents we got our our hands on - all thanks to these passwords."
Although RansomHouse does not claim to have installed data-encrypting ransomware on AMD's servers, there's still plenty for the chip company to worry about. If its systems were indeed breached and information exfiltrated by hackers then the threat remains that the data could be published on the darknet or sold on to other criminals.
For its part, AMD says that it is "aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway."
RansomHouse claims to have breached other organisations in the past, including the Saskatchewan Liquor and Gaming Authority (SLGA), Shoprite, Jefferson Credit Union, and others.
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022