The confidential code signing keys for Taiwanese PC manufacturer MSI were exposed on a dark web leak site used by the ransomware group that attacked the firm.
It claimed to have taken private keys and a framework for creating bios from the company along with the source code.
The expert cautions about the potential effects of such a leak and suggests carrying out a careful examination to ascertain the extent of the leak.
Source: https://securityaffairs.com/145940/data-breach/msi-data-breach-key-leaked.html
TPRM report: https://scoringcyber.rankiteo.com/company/msi-micro-star-international-co-ltd.
"id": "msi223828523",
"linkid": "msi-micro-star-international-co-ltd.",
"type": "Data Leak",
"date": "05/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Technology',
'location': 'Taiwan',
'name': 'MSI',
'type': 'Company'}],
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Private Keys',
'Framework for Creating BIOS',
'Source Code']},
'description': 'The confidential code signing keys for Taiwanese PC '
'manufacturer MSI were exposed on a dark web leak site used by '
'the ransomware group that attacked the firm. It claimed to '
'have taken private keys and a framework for creating bios '
'from the company along with the source code. The expert '
'cautions about the potential effects of such a leak and '
'suggests carrying out a careful examination to ascertain the '
'extent of the leak.',
'impact': {'data_compromised': ['Private Keys',
'Framework for Creating BIOS',
'Source Code']},
'initial_access_broker': {'data_sold_on_dark_web': True},
'motivation': ['Financial Gain', 'Data Theft'],
'ransomware': {'data_exfiltration': True},
'recommendations': ['Conduct a thorough examination to ascertain the extent '
'of the leak.'],
'threat_actor': 'Ransomware Group',
'title': 'MSI Code Signing Keys Exposure',
'type': 'Data Breach'}