Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Chip Equipment Firm ASML Suffers Data Breach

Malicious actors have breached some of ASML’s systems, but the company says the attackers haven’t gained access to any valuable information.

Malicious actors have breached some of ASML’s systems, but the company says the attackers haven’t gained access to any valuable information.

ASML is a Veldhoven, Netherlands-based company that designs and manufactures machines for the production of complex integrated circuits that power electronic, communications, and IT products. The company is a leading provider of lithography systems for the semiconductor industry, with customers such as Samsung, Intel, and Taiwan Semiconductor Manufacturing Company (TSMC).

The breach was discovered by the company’s IT staff, which took immediate steps to contain the incident. An investigation is ongoing, but ASML believes the attackers only had access to its systems for a short period of time.

“At this time it appears that only a limited amount of data has been accessed. ASML has not found any evidence that valuable files, either from ASML or our customers and suppliers, have been compromised,” ASML said in a statement.

The company says it hasn’t determined the identity of the attackers. However, anonymous sources cited by the Dutch tech website Tweakers.nl said the attack was carried out by the Chinese government.

“ASML, like any other leading organization, is subject to cybersecurity attacks. We take knowledge protection very seriously and constantly work to improve our defenses against hacking attempts and our detection capabilities,” the company stated.

ASML is not providing any additional information regarding the incident unless there is a significant development.

China is often the primary suspect when it comes to cyber espionage operations aimed at major tech companies. One of the hacking groups believed to have ties to the Chinese military has been dubbed “Putter Panda.” The group’s targets include government, research, defense and technology organizations in the United States. Another well-known threat actor linked to the Chinese military is APT1, whose activities were detailed by Mandiant in February 2013.

Advertisement. Scroll to continue reading.

The Chinese government has always denied any involvement in cyber espionage operations. However, in May 2014, US authorities indicted five Chinese officials for hacking companies in the nuclear, metals and solar power industries.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.