Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Microchip Technology Confirms Personal Information Stolen in Ransomware Attack

Microchip Technology says employee contact information and other types of data was stolen in an August ransomware attack.

Microchip Technology cyberattack

US-based semiconductor supplier Microchip Technology (NASDAQ: MCHP) has confirmed that personal information and other types of data was stolen from its systems during a recent ransomware attack.

The company disclosed the incident on August 20, when it informed the US Securities and Exchange Commission that certain servers and business operations had been disrupted. The company isolated the impacted systems to contain the attack.

Roughly a week later, the Play ransomware gang claimed responsibility for the assault, adding Microchip on its Tor-based website. Shortly after, the group started leaking data allegedly stolen from the manufacturer, likely because its extortion attempt failed.

The cybercriminals said they were able to siphon personal information, employee IDs, and various business and financial documents.

On September 4, Microchip filed an 8-K Form with the SEC, confirming that certain data was indeed stolen from its network, underlining that its investigation into the matter continues.

“The company believes that the unauthorized party obtained information stored in certain company IT systems, including, for example, employee contact information and some encrypted and hashed passwords. We have not identified any customer or supplier data that has been obtained by the unauthorized party,” Microchip told the SEC.

The semiconductor maker also noted that it was aware of the Play ransomware group’s claims.

“The company is aware that an unauthorized party claims to have acquired and posted online certain data from the company’s systems. The company is investigating the validity of this claim with assistance from its outside cybersecurity and forensic experts,” Microchip said.

Advertisement. Scroll to continue reading.

The company also noted that it has yet to determine the full extent of the incident and whether the attack would have a material impact on its financial condition or results of operations.

Microchip also revealed that it has restored operationally critical IT systems and that it has resumed order processing and product shipping, but said that the restoration process has not been completed.

Related: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack

Related: Dick’s Sporting Goods Says Sensitive Data Exposed in Cyberattack

Related: 950,000 Impacted by Young Consulting Data Breach

Related: Seattle Airport Blames Outages on Possible Cyberattack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights