Nvidia confirms that The edge† Bloomberg† Reutersand others that it is investigating an “incident” – hours later The Telegraph reported that the graphics chipmaker giant had suffered a devastating cyberattack in the past two days that “completely compromised” the company’s internal systems.
“We are investigating an incident. Our business and commercial activities continue uninterrupted. We are still evaluating the nature and scope of the event and have no additional information to share at this time,” a statement read through Nvidia spokesperson Hector Marinez.
Even The TelegraphThe sources do not suggest that Nvidia has necessarily stolen or deleted any data, and there is currently no suggestion that the “incident” may be related to the Russian invasion of Ukraine, although cyber-attacks were part of the offensive and internet infrastructure has been targeted there as well.
Bloomberg now reports that it was a minor ransomware attack, citing a “person familiar with the incident”.
Early Saturday morning, the dark web intelligence company DarkTracer tweeted that Lapsus$, a ransomware gang recently associated with an attack on Portugal’s largest TV channel, has claimed responsibility by leaking password hashes for Nvidia employees, stating that other has data, including source code and information related to RTX GPUs. Soufiane Tahiric posted a later message from the group on Twitter, where they claimed the company was trying to delete their data on a virtual machine through the VPN and device management platform it uses. They apparently still claim to have a backup of the data they threaten to leak. There is still no indication that this incident is related to the Russian invasion.
However, if a US-based company like Nvidia was targeted, it could provoke retaliation from the United States. “If Russia carries out cyber attacks on our companies, our critical infrastructure, we are ready to respond,” President Biden said in his speech on Thursday.
While the alleged attack reportedly disabled Nvidia’s email, we received Nvidia’s statement today from an Nvidia email address.
Nvidia also mysteriously asked the press late Wednesday night to push back a small announcement that allegedly came in on Thursday, without providing an explanation. That timing corresponds to when The Telegraph reports that Nvidia’s systems have been compromised.
Update, 5:47 PM ET: Added that Bloomberg is now citing a source that the “incident” was a ransomware attack.
Update, Feb 26, 6:37ET: Added information about Lapsus$ Group claiming responsibility for the ransomware attack.