The Play ransomware group has published gigabytes of data allegedly stolen from US-based semiconductor supplier Microchip Technology (NASDAQ: MCHP).
Microchip Technology revealed in a regulatory filing last week that operations at some of its manufacturing facilities had been disrupted by a cyberattack.
“As a result of the incident, certain of the Company’s manufacturing facilities are operating at less than normal levels, and the Company’s ability to fulfill orders is currently impacted,” Microchip said at the time.
Microchip provides microcontroller, mixed-signal, analog and Flash-IP solutions to 123,000 customers across the industrial, automotive, consumer, aerospace and defense, communications, and computing sectors.
The Play ransomware group listed Microchip on its Tor-based website on August 27 and started leaking data allegedly stolen from the company on August 29.
The cybercriminals have made available over 5Gb of archives allegedly storing personal information, IDs, and documents related to clients, budget, accounting, payroll, contracts, and taxes.
SecurityWeek has not analyzed the leaked data to see if it comes from Microchip Technologies.
The hackers claim this is only part of the data they have stolen and they plan on making the rest public if Microchip refuses to pay up.
The Play ransomware group, which has been around since June 2022, is known for attacks on organizations such as A10 Networks and Rackspace.
Government agencies in the US and Australia issued an alert last year after the cybercriminals had targeted hundreds of organizations. The group’s website currently lists more than 550 victims.
Related: Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication
Related: Inmate, Staff Information Stolen in Rhode Island Prison Data Breach
Related: Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data