The email addresses and passwords of more than 71,000 NVIDIA employees were likely stolen in a recent cyberattack and are now circulating within underground communities.
On February 23, hackers managed to compromise NVIDIA’s network and steal not only employee credentials but also proprietary information.
The Lapsus$ ransomware gang, which claimed responsibility for the attack and apparently asked the chip maker to pay $1 million for the stolen data, started leaking the compromised information over the weekend, saying the move was retaliation to NVIDIA’s alleged attempt to hack them back.
Earlier this week, the company confirmed that sensitive data was stolen in the incident, but provided no details on the number of impacted individuals or the manner in which its network was breached.
According to data breach monitoring website Have I Been Pwned, however, the hackers managed to exfiltrate the credentials of roughly 71,300 NVIDIA employees.
The attackers stole email addresses and NTLM password hashes, and were subsequently able to crack many of these, after which they made them available to other hacking community members.
As part of the incident, the hackers also appear to have stolen two expired code signing certificates. According to Rochester Institute of Technology researcher Bill Demirkapi, “Windows still allows them to be used for driver signing purposes.”
Related: NVIDIA Confirms Employee Credentials Stolen in Cyberattack
Related: Insurance Broker Aon Investigating Cyber Incident
Related: Conti Chats Leaked After Ransomware Gang Expresses Support for Russia