Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

NVIDIA Confirms Employee Credentials Stolen in Cyberattack

NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online.

The compromise occured on February 23 and impacted certain “IT resources,” an NVIDIA spokesperson told SecurityWeek.

NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online.

The compromise occured on February 23 and impacted certain “IT resources,” an NVIDIA spokesperson told SecurityWeek.

“Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement,” the NVIDIA spokesperson added.

While the investigation into the incident continues, NVIDIA says that it hasn’t found evidence that ransomware was deployed on its network. 

[ READ: Insurance Broker Aon Investigating Cyber Incident ]

“We are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working to analyze that information,” NVIDIA said.

A known ransomware gang called Lapsus$ claims to have stolen over 1 terabyte of data from NVIDIA.  On a Telegram channel, the data-extortion gang confirmed it had started to publicly disclose the stolen data.

NVIDIA said it did not anticipate any business disruption.  “Security is a continuous process that we take very seriously at NVIDIA – and we invest in the protection and quality of our code and products daily,” the spokesperson added.

Related: Conti Chats Leaked After Ransomware Gang Expresses Support for Russia

Related: Deadbolt Ransomware Targeting Asustor NAS Devices

Related: Researchers Devise Method to Decrypt Hive Ransomware-Encrypted Data

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.