Connect with us

Hi, what are you looking for?



TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant

LockBit ransomware group claims to have hacked TSMC and is asking for a $70 million ransom, but the chip giant says only a supplier was breached.

TSMC ransomware

The LockBit ransomware group claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC), but the chip giant says only one of its suppliers was breached.

The notorious cybercrime group announced on Thursday on its website that it targeted TSMC, suggesting — based on the $70 million ransom demand — that it has stolen vast amounts of sensitive information. The victim was initially given seven days to respond, but the deadline has been extended to August 6 at the time of writing.

Contacted by SecurityWeek, TSMC said it was recently made aware that one of its IT hardware suppliers had experienced a cybersecurity incident that led to information related to initial server setup and configuration being compromised. 

“At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information,” TSMC said.

It added, “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures.  TSMC remains committed to enhancing the security awareness among its suppliers and making sure they comply with security standards. This cybersecurity incident is currently under investigation that involves a law enforcement agency.”

The impacted supplier is Taiwan-based Kinmax Technology, a systems integrator specialized in networking, cloud computing, storage, security and database management. The company claims on its website that its partners include major firms such as Cisco, HPE, Microsoft, Citrix, VMware and Nvidia. 

In a statement issued on Friday, Kinmax said it discovered on June 29 that its “internal specific testing environment” had been breached and that “some information was leaked”.

Advertisement. Scroll to continue reading.

“The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations,” Kinmax explained. “We would like to express our sincere apologies to the affected customers, as the leaked information contained their names which may have caused some inconvenience. The company has thoroughly investigated this incident and implemented enhanced security measures to prevent such incidents from occurring in the future.”

The notorious WannaCry malware caused significant disruptions in TSMC factories back in 2018. 

Related: Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack

Related: British Manufacturing Firm Morgan Advanced Materials Investigating Cyberattack

Related: U.S. Semiconductor Maker MaxLinear Discloses Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.