The GPU giant Nvidia has recently faced a series of requests as ransoms, by the Lapsus$ data extraction group. The company remained silent while investigating the issue. Now, Nvidia is announcing that their systems were indeed breached by the group; they managed to steal data.
Counter-attack did not work
The Lapsus$ group has recently told Nvidia that they have extracted 1 TB of company data, including sensitive information about their technologies and hashed passwords of the employees. Then the group has stated that they were counter-attacked by Nvidia security; their VMs were encrypted. However, they also said that they had already backed up the data elsewhere. Nvidia has finally made an official statement that you can read below:
« On February 23, 2022, NVIDIA became aware of a cybersecurity incident which impacted IT resources. Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement.
We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.
Security is a continuous process that we take very seriously at NVIDIA and we invest in the protection and quality of our code and products daily. »
Lapsus$ group was demanding the removal of LHR, hashrate limiter for the GPUs, while they also claimed to sell a bypass mechanism from the stolen data. Interestingly, they also claimed that the LHR is hurting gamers as well while LHR is a measure to protect the gamers by blocking half of its capacity while mining.