The recent cyberattack on Nvidia saw threat actors download a terabyte of sensitive data, the GPU maker has confirmed.
“We are aware that the threat actor took employee credentials and certain Nvidia proprietary information from our systems and began leaking them online,” the company said in a statement.
Nvidia did not detail the nature of the files that were stolen, but LAPSUS€, the group that claims to have carried out the raid, claims to have recovered 1TB of data on the company's hardware and software, which it is now threatening to release online unless that the company pays a ransom in cryptocurrencies.
Data bit leaks
To prove they're serious, the group has already leaked 19GB of stolen data, including the source code for Nvidia's frame-rate-boosting DLSS technology.
Although LAPSUS€ is a ransomware operator, Nvidia claims that the group has not deployed such malware on its devices.
“We have no evidence that ransomware is being deployed in the Nvidia environment or that it is related to the Russo-Ukrainian conflict,” the company said.
The group became famous in early January this year when it attacked Impresa, Portugal's largest media conglomerate. During the New Year festivities, he took down several Impresa websites, television stations, as well as the website of the print newspaper Expresso, despite claiming to be unaffiliated with any nation-state of any kind.
He claimed to have gained access to the company's Amazon Web Services (AWS) infrastructure, as well as its Twitter account.
In early December 2021, the group accessed the Brazilian Ministry of Health (MoH) websites and suspended covid-19 vaccination efforts across the country. He claimed to have stolen 50TB of data, before deleting it from the servers of the Ministry of Health.
Via: PC Mag