NVIDIA, famous for designing graphics processing units and integrated circuits, recently became the latest victim of a serious cyberattack. Officials confirm that the incident occurred on February 23, 2022, resulting in the online leaking of employee credentials. “We are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working on analyzing that information,” an NVIDIA spokesperson said.
The company responded immediately to the crime by hardening its network, bringing on cybersecurity incident response experts, and notifying law enforcement officials. Although the investigation into the breach is ongoing, preliminary information suggests no ransomware attack occurred.
Even so, the culprit is a known ransomware gang called Lapsus$, who boasts that they have stolen over a terabyte of information from NVIDIA. The criminals announced on the Telegram online forum that they had begun to disseminate this data over the internet. NVIDIA anticipates that there will be no significant business disruption resulting from the breach.
“Security is a continuous process that we take very seriously at NVIDIA – and we invest in the protection and quality of our code and products daily,” a company spokesperson stated.
This is not the first time that Lapsus$ has been in the news. In 2020, the group successfully targeted Honda and Nissan, as well as a host of other companies.
Due to the ongoing investigation, there is no official word yet on what data was taken or how many employee credentials were compromised. However, NVIDIA has confirmed that they are taking the necessary steps to protect their employees and customers.