Nvidia confirmed to have lost 1TB of details following the data breach claims made by Lapsus$ intended to remove the crypto mining limitations…

Continue reading
Nvidia officially confirmed the data breach incident following the detection of an intrusion on their network that resulted in unauthorized access of proprietary information and employee login details. This came after a few of its internal systems reportedly went down for two days, drawing into a possible cyber attack investigation.
While initial investigation couldn't derive the overall extent of the intrusion, until Lapsus$ data extortion group took away all the credits behind that data breach, Nvidia began to recourse its investigative trajectory, maintaining silence to these emerging claims.


Lapsus$, in order to back up their claims, have already publicized a large document archive of nearly 20GB as a part of the stolen 1TB cache from Nvidia. The threat group also threatened Nvidia about their preparedness to expose the rest of the stolen details unless the GPU Chip maker addresses their ransom demands.

Lapsus$ made their claims through an online group chat session hosted on telegram as per the screenshot available for public disclosure, including hashed passwords of all Nvidia employees to gain more weightage and moreover claimed that the company hacked back to encrypt their virtual machine with the data.
_“We were into nvidia systems for about a week; we fastly escalated to admin of a lot of systems,”_ the threat actor mentioned.
Additionally, they have made all the intrusion details available about the data breach, including _"stuff, schematics, driver, firmware, ”_ with an instinct to sell it right away.
_“We are still waiting for Nvidia to contact us. We are also selling a full LHR V2 (GA102-GA104) -> we hope it will soon be removed by nvidia”_ - Lapsus$
According to their statement, it was roughly determined that they intended to remove the existing limitations in the crypto mining through LHR, a lite hash rate technology enabling graphics cards to reduce a GPU’s mining capacity.
Lapsus$ explicitly directed the company to remove LHR limitations in the GeForce RTX 30 Series firmware; otherwise, they will leak the folder with hardware specifications.


NVIDIA highlighted that no evidence of a ransomware attack was found during the investigation, however taking the claims made by the threat actor into account, the stolen employee credentials, and proprietary information, the company is currently analyzing through the available information and notes that the incident is not expected to disrupt its business or the ability to serve customers.
*On February 23, 2022, NVIDIA became aware of a cybersecurity incident that impacted IT resources. Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement.*
*We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working on analyzing that information. We do not anticipate any disruption to our business or our ability to serve our customers due to the incident.*
*Security is a continuous process that we take very seriously at NVIDIA – and we invest in the protection and quality of our code and products daily.*

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation