NVIDIA Confirms Cyberattack, Hackers Were Able To Run Away With Proprietary Information But Systems Operating As Per Normal
The statement provided by NVIDIA confirms that the company was indeed hit by a cyberattack last week on 23rd February 2022. NVIDIA reports that none of the systems were inflicted with malicious code such as ransomware but the hacking group, LOPSUS$, who are traced back to South America, have been able to get their hands on proprietary information which includes employee data, driver and software bypasses, and documents regarding future products. The hackers are already threatening to leak this information and have already posted password hashes, LHR BIOS unlocks, and information on the next-gen NVIDIA products over in their public Telegram Group. The good news is that NVIDIA’s business and systems aren’t disrupted and the services continue without any issues. There could still be a lot of information that these hackers have their hands on since they were able to extra 1 TB of data from their exfiltration attempt. We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident. Security is a continuous process that we take very seriously at NVIDIA – and we invest in the protection and quality of our code and products daily.” NVIDIA Rep via HardwareLuxx Even as of right now while we are posting this story, the hackers are leaking more information & have released the source code of NVIDIA’s DLSS technology. According to TechPowerUp, the leak includes C++ files, headers, assets, and even a Programming Guide used by developers that helps towards the use and development of the technology.