The Play ransomware group then claimed that employee data from computers infiltrated in an August cyberattack was stolen, according to American semiconductor supplier Microchip Technology Incorporated.
The chipmaker, which has its headquarters in Chandler, Arizona, serves over 123,000 clients in a variety of business segments, including computing, communications, automotive, aerospace and defense, and industrial.
Microchip Technology revealed on August 20 that a cyberattack detected on August 17 has impacted operations at many production plants. The company had to shut down some of its systems and isolate the compromised ones in order to limit the breach, which hindered its capacity to comply with directives.
Microchip Technology said that its operationally key IT systems are back online in a filing with the U.S. Securities and Exchange Commission on Wednesday. The firm claims that operations have “substantially restored” and that it has been processing customer orders and shipping products for more than a week.
Microchip Technology went on to say that while the attackers had taken some staff data from its networks, it has not yet discovered any proof that consumer information was also compromised in the hack.
“While the investigation is continuing, the company believes that the unauthorized party obtained information stored in certain company IT systems, including, for example, employee contact information and some encrypted and hashed passwords. We have not identified any customer or supplier data that has been obtained by the unauthorized party,” Microchip Technology said.
“The Company is aware that an unauthorized party claims to have acquired and posted online certain data from the Company’s systems. The company is investigating the validity of this claim with assistance from its outside cybersecurity and forensic experts.”
Attack claimed by Play ransomware
Microchip Technology continues to assess the scope and consequences of the cyberattack with outside cybersecurity consultants. Fixing IT systems affected by the event is currently ongoing. The company claims that it has been processing customer orders and distributing products for more than a week, despite the fact that it is still working on recovery after the attack.
The Play ransomware group added the American chipmaker to its dark web data breach website on August 29, claiming that it committed the attack even though Microchip Technology is still looking into the extent and nature of it.
They asserted that they had taken numerous pieces of data from the compromised systems of Microchip Technology, including “private and personal confidential data, client’s documents, budget, payroll, accounting, contracts, taxes, IDs, finance information,” and more.
Since then, the ransomware group has disclosed a portion of the purportedly stolen material and threatened to release the remaining portion if the business does not respond to the disclosure.
When the play ransomware first surfaced in June 2022, its victims first turned to BleepingComputer’s forums for assistance. In order to exploit it in double-extortion schemes, play operators steal confidential information from compromised systems and demand a ransom from victims in order to prevent the material from being released online.
Several well-known victims of the Play ransomware are the Belgian city of Antwerp, the cloud computing business Rackspace, the automotive store Arnold Clark, the City of Oakland in California, and, most recently, Dallas County.
The FBI, CISA, and the Australian Cyber Security Centre (ACSC) collaborated to release a joint advisory in December 2023 alerting people to the fact that, as of October 2023, this ransomware group has compromised around 300 businesses worldwide.
Also read: Strengthening the prospects of data center industry with quality air solutions
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
