In June 2023, Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest semiconductor manufacturer, encountered a significant cybersecurity incident. The LockBit ransomware group executed a data breach, demanding a ransom of $70 million from TSMC to prevent the disclosure of the stolen data. This event was traced back to a security lapse during the initial setup and configuration of a server by one of TSMC's IT providers, Kinmax Technology. LockBit threatened to publish sensitive data related to TSMC's network entry points and access credentials, putting the semiconductor giant at risk of further cyber threats. The breach underscores the critical importance of robust cybersecurity measures across tech providers and their supply chain partners.
Source: https://www.ptsecurity.com/ww-en/analytics/asia-cybersecurity-threatscape-2022-2023/
TPRM report: https://scoringcyber.rankiteo.com/company/taiwan-semiconductor-manufacturing-company-limited
"id": "tai318050624",
"linkid": "taiwan-semiconductor-manufacturing-company-limited",
"type": "Vulnerability",
"date": "06/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Technology',
'location': 'Taiwan',
'name': 'Taiwan Semiconductor Manufacturing Company '
'(TSMC)',
'size': 'Large',
'type': 'Semiconductor Manufacturer'}],
'attack_vector': 'Server misconfiguration',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Network entry points and access '
'credentials'},
'date_detected': 'June 2023',
'description': 'In June 2023, Taiwan Semiconductor Manufacturing Company '
'(TSMC), the world’s largest semiconductor manufacturer, '
'encountered a significant cybersecurity incident. The LockBit '
'ransomware group executed a data breach, demanding a ransom '
'of $70 million from TSMC to prevent the disclosure of the '
'stolen data. This event was traced back to a security lapse '
'during the initial setup and configuration of a server by one '
"of TSMC's IT providers, Kinmax Technology. LockBit threatened "
"to publish sensitive data related to TSMC's network entry "
'points and access credentials, putting the semiconductor '
'giant at risk of further cyber threats. The breach '
'underscores the critical importance of robust cybersecurity '
'measures across tech providers and their supply chain '
'partners.',
'impact': {'data_compromised': "Sensitive data related to TSMC's network "
'entry points and access credentials'},
'initial_access_broker': {'entry_point': 'Server misconfiguration'},
'lessons_learned': 'The breach underscores the critical importance of robust '
'cybersecurity measures across tech providers and their '
'supply chain partners.',
'motivation': 'Financial gain',
'post_incident_analysis': {'root_causes': 'Security lapse during server setup '
'and configuration'},
'ransomware': {'data_exfiltration': True,
'ransom_demanded': '$70 million',
'ransomware_strain': 'LockBit'},
'threat_actor': 'LockBit ransomware group',
'title': 'TSMC Ransomware Attack by LockBit',
'type': 'Ransomware',
'vulnerability_exploited': 'Security lapse during server setup and '
'configuration'}