Malicious actors have breached some of ASML’s systems, but the company says the attackers haven’t gained access to any valuable information.
ASML is a Veldhoven, Netherlands-based company that designs and manufactures machines for the production of complex integrated circuits that power electronic, communications, and IT products. The company is a leading provider of lithography systems for the semiconductor industry, with customers such as Samsung, Intel, and Taiwan Semiconductor Manufacturing Company (TSMC).
The breach was discovered by the company’s IT staff, which took immediate steps to contain the incident. An investigation is ongoing, but ASML believes the attackers only had access to its systems for a short period of time.
“At this time it appears that only a limited amount of data has been accessed. ASML has not found any evidence that valuable files, either from ASML or our customers and suppliers, have been compromised,” ASML said in a statement.
The company says it hasn’t determined the identity of the attackers. However, anonymous sources cited by the Dutch tech website Tweakers.nl said the attack was carried out by the Chinese government.
“ASML, like any other leading organization, is subject to cybersecurity attacks. We take knowledge protection very seriously and constantly work to improve our defenses against hacking attempts and our detection capabilities,” the company stated.
ASML is not providing any additional information regarding the incident unless there is a significant development.
China is often the primary suspect when it comes to cyber espionage operations aimed at major tech companies. One of the hacking groups believed to have ties to the Chinese military has been dubbed “Putter Panda.” The group’s targets include government, research, defense and technology organizations in the United States. Another well-known threat actor linked to the Chinese military is APT1, whose activities were detailed by Mandiant in February 2013.
The Chinese government has always denied any involvement in cyber espionage operations. However, in May 2014, US authorities indicted five Chinese officials for hacking companies in the nuclear, metals and solar power industries.