The chip giant was recently the victim of a hack.
America’s largest chipmaker Nvidia (NVDA) – Get NVIDIA Corporation Report is continuing to deal with a lingering cyberattack that “totally compromised” its internal systems, as hackers began leaking employee passwords online.
The Lapsus$ ransomware group claimed responsibility for the breach last week, and has since been increasing its demands via messenger portal Telegram.
It has taken particular aim at Nvidia’s Lite Hash Rate, which crypto evangelists abhor for curbing the amount of cryptocurrency ethereum that can be mined on the company’s RTX 30 series graphics cards.
“We want Nvidia to push an update for all 30 series firmware that remove every LHR limitations otherwise we will leak [the hardware] folder,” the Lapsus$ group said on Telegram in broken English, TechCrunch reports. “If they remove the LHR we will forget about [the] folder … We both know LHR impact mining and gaming.”
This source code is Nvidia’s crown-jewel.
The cyberattack reportedly accessed info from 71,000 Nvidia employees, according to Have I Been Pwned, a website that tracks data breaches.
MediaNews Group/Bay Area News via Getty Images
Nvidia Could Be The Tip of The Iceberg
Market watchers have been closely following the hack, as NATO and its allies stepped up sanction on Russia following its invasion of Ukraine, with chipmakers on the top of the list of companies that will stop doing business with the country.
The microchip behemoth said it first saw signs of an attack on Feb. 23, and has since been experiencing it as an ongoing issue as the hackers involved demand a ransom before returning the company’s data.
In the past two days, the hackers who have the Nvidia data have leaked portions of its DLSS codes as well as its GPU drivers, as they step up pressure on the company to payout.
Lapsus$ is also asking for “completely open-source (and distribute under a foss license) [its] GPU drivers for Windows, macOS, and Linux, from now on and forever.”
The sector itself has been on high alert during Russia’s conflict with Ukraine, with many chipmakers steeling themselves for malware and various forms of cyber warfare after American manufacturers and their products joined the list of sanctions imposed on Russia.
Company Says It Has No Evidence of International Influence
“On February 23, 2022, NVIDIA became aware of a cybersecurity incident which impacted IT resources. Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement,” the company said in a statement.
It said it had no evidence that the attack was related to the Russia-Ukraine conflict.
“However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online,” the statement reads.
“Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”
So What’s Happening Now?
The latest leak of information is reportedly part of a full terabyte of data that Lapsus$ says it hacked from Nvidia.
Now, the group is saying that if its demands aren’t met, it will release the company’s “most closely-guarded secrets” sometime today.
