Nvidia is confirming to The Verge, Bloomberg, Reuters, and others that it’s investigating an “incident” — hours after The Telegraph reported that the graphics chipmaking large had skilled a devastating cyberattack that “fully compromised” the corporate’s inner techniques over the previous two days.
“We’re investigating an incident. Our enterprise and business actions proceed uninterrupted. We’re nonetheless working to judge the character and scope of the occasion and don’t have any further info to share presently,” reads an announcement by way of Nvidia spokesman Hector Marinez.
Even The Telegraph’s sources aren’t suggesting that Nvidia has essentially had any information stolen or deleted, and there’s no present suggestion that the “incident” is likely to be linked to Russia’s invasion of Ukraine, although cyberattacks have been part of the offensive, and internet infrastructure has also been a target there.
Bloomberg is now reporting it was a minor ransomware assault, citing a “particular person acquainted with the incident.”
Early Saturday morning, the darkish internet intelligence agency DarkTracer tweeted that Lapsus$, a ransomware gang recently linked to an attack on Portugal’s largest TV channel, has claimed duty, leaking what it says are the password hashes for Nvidia staff, and indicating it has different information together with supply code and knowledge associated to RTX GPUs. Soufiane Tahiri posted a later message from the group to Twitter, the place they claimed the corporate tried to delete their information in a digital machine by way of the VPN and system administration platform it makes use of. They apparently declare to nonetheless have a backup of the information that they’re threatening to leak. There’s nonetheless no indication publicly that that is incident is tied to Russia’s invasion.
If a US-based firm like Nvidia had been focused, although, it may provoke retaliation from america. “If Russia pursues cyberattacks towards our firms, our important infrastructure, we’re ready to reply,” President Biden stated throughout his Thursday handle.
Whereas the alleged assault reportedly knocked out Nvidia’s e-mail, we did obtain Nvidia’s assertion immediately from an Nvidia e-mail handle.
Nvidia additionally mysteriously requested press late Wednesday night to push again a minor announcement that will have arrived on Thursday, with out offering a proof. That timing strains up with when The Telegraph reviews that Nvidia’s techniques have been compromised.
Replace, 5:47PM ET: Added that Bloomberg is now citing a supply that the “incident” was a ransomware assault.
Replace, February twenty sixth, 6:37ET: Added details about Lapsus$ Group claiming to be chargeable for the ransomware assault.