American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling (DLSS) technology.
"We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict," the company said in a security notice. "However, we are aware that the threat actor took employee passwords and some NVIDIA proprietary information from our systems and has begun leaking it online."
The incident is said to have come to light on February 23, with the company noting that it has taken steps to analyze the leaked information and that it is requiring all of its employees to change their passwords with immediate effect.
The confirmation comes days after The Telegraph last week reported that the company is investigating a potential cyber attack that took "parts of its business offline for two days." Bloomberg, in a follow-on report, said the breach was a minor ransomware attack, citing a "person familiar with the incident."
According to dark web intelligence firm DarkTracer, the LAPSUS$ extortionist gang – also behind the attacks on Impresa, Localiza, Claro, and Embratel earlier this year – has claimed responsibility for the incident, threatening to leak what it said was stolen confidential information unless paid a "fee."
Also included in the theft, among schematics and source code for drivers and firmware, are the email addresses and NTLM password hashes for 71,335 of the chipmaker's employees, Troy Hunt's data breach notification service Have I Been Pwned has revealed.
On top of that, the group also alleged that NVIDIA had hacked back and encrypted the plundered data with ransomware, adding it eventually recovered the files from a backup.
Since then, the intruders have revised their demands, calling on NVIDIA to release a software update that removes the Lite Hash Rate (LHR) technology in its graphics cards, which is designed to reduce the Ethereum mining rate by 50% and prevent cryptocurrency miners from buying the gaming-focused GPUs.
"We request that NVIDIA commits to completely open-source (and distribute under a FOSS license) their GPU drivers for Windows, macOS, and Linux, from now on and forever," the cybercriminals posted on their Telegram group, in addition to threatening more leaks and offering an LHR bypass tool for $1 million.
The developments, however, haven't fazed NVIDIA. "We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident," the company said in a statement.