Microchip Technology (NASDAQ: MCHP) revealed in its latest financial report on Tuesday that expenses related to the recent cybersecurity incident reached $21.4 million.
The incident came to light in August, when the US-based semiconductor supplier found suspicious activity on its network. The intrusion resulted in disruptions at some of Microchip’s manufacturing facilities.
The Play ransomware group took credit for the attack roughly one week later, claiming to have stolen gigabytes of data.
The ransomware gang has published files allegedly stolen from the company, which indicates that Microchip refused to pay a ransom.
The hackers have made available a 4 Gb archive file allegedly containing Microchip data. They claim the leaked data includes personal data, client documents, and files related to budget, payroll, accounting, contracts, taxes, and finances.
In early September, after restoring most of its operations, Microchip confirmed that the threat actor had taken some information from its systems, including employee contact information and password hashes.
The company’s financial report for the second quarter of fiscal year 2025 puts cybersecurity incident expenses at roughly $21.4 million as of September 30.
Related: Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million
Related: Cost of Data Breach in 2024: $4.88 Million, Says Latest IBM Study