Following experiences of a ransomware assault, Taiwanese PC vendor MSI (brief for Micro-Star Worldwide) confirmed right this moment that its community was breached in a cyberattack.
Earlier this week, the Cash Message ransomware gang claimed to infiltrate a few of MSI’s methods and stolen information that will probably be leaked on-line subsequent week if the corporate refuses to pay a $4 million ransom.
In a Friday submitting with Taiwan’s Inventory Trade (TWSE), first noticed by PCMag, MSI revealed that a few of its data service methods had been affected by a cyberattack reported to the related authorities.
“After detecting some data methods being attacked by hackers, MSI’s IT division has initiated data security protection mechanism and restoration procedures. The Firm additionally has been reported [sic] the anomaly to the related authorities authorities,” MSI stated.
The corporate didn’t share any particulars on the timing of the assault, about if any of the affected methods had been encrypted, or if the attackers exfiltrated enterprise and buyer data through the incident.
Nevertheless, MSI did say that the cyberattack has had no “important” operational and monetary influence, with security enhancements applied to make sure that knowledge saved on affected methods is safe.
“No important influence our enterprise by way of monetary and operational at present. The Firm can be enhancing the data security management measures of its community and infrastructure to make sure knowledge security.”
MSI additionally revealed an announcement on Friday warning prospects to make sure that they get their BIOS and firmware updates from official sources.
“MSI urges customers to acquire firmware/BIOS updates solely from its official web site, and to not use information from sources apart from the official web site,” the corporate stated.
BleepingComputer first coated the Cash Message ransomware operation’s exercise in a report revealed final weekend after listening to of the group’s potential involvement within the breach of a high-profile pc {hardware} vendor.
In line with chats seen by BleepingComputer between the ransomware gang and an MSI consultant, the menace actors demanded a ransom cost of $4,000,000 based mostly on a declare that they’ve stolen roughly 1.5TB value of paperwork from MSI’s community.
Cash Message now threatens to launch the allegedly stolen information someday subsequent week if MSI fails to fulfill its ransom calls for.
The menace actors have listed MSI on their knowledge leak web site, thus far solely sharing screenshots of what they describe because the PC maker’s Enterprise Useful resource Planning (ERP) databases and information containing software program supply code, personal keys, and BIOS firmware.
MSI is but to answer to a number of emails from BleepingComputer asking for an announcement relating to the Cash Message ransomware gang’s claims.
Replace April 07, 17:23 EDT: Added MSI assertion.
