Microchip Technology says employee contact info stolen by hackers during cyberattack

Avatar

Employee contact information and hashed passwords were stolen by hackers who breached the systems of Microchip Technology, one of the largest American semiconductor manufacturers.

In an updated 8-K filing with regulators at the U.S. Securities and Exchange Commission, the company said it has been back up and running for about a week and a half after hackers disrupted its operations on August 18

Operational systems are now back online, the company says, and it is able to process customer orders and ship products. 

But an ongoing investigation has uncovered evidence that the hackers — who have since been identified as the Play ransomware gang — did manage to steal data held on some IT systems.

Microchip Technology did not respond to request for comment about more specifics on what was stolen. Hashed passwords typically are not useful unless an attacker knows the algorithm that encoded them.

The company has found any evidence yet that customer or supplier data was stolen but said it  notified law enforcement, regulators and employees of the attack.

Microchip Technology said it is aware the  Play ransomware gang has taken credit for the attack and is “investigating the validity of this claim with assistance from its outside cybersecurity and forensic experts.”

“As the Company’s investigation is ongoing, the full scope, nature and impact of the incident are not yet known,” the company explained, adding that it does not believe the incident will impact its financial standing. 

Although many systems are now online, the company said it is still restoring some affected by the attack. 

Microchip Technology reported $7.6 billion in sales in fiscal 2024 through the manufacturing of microcontrollers, embedded security devices, and radio frequency devices, selling them to companies in the automotive, industrial, aerospace, and defense industries.

The Play ransomware gang was one of the most active groups last month, claiming at least 28 attacks on businesses and governments around the world. 

The FBI said the group has attacked more than 300 organizations since it emerged in 2022 and most recently forced a county in Indiana to file a disaster declaration following an attack on government systems.  

IndustryTechnologyCybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Ransomware hackers threaten Montana branch of Planned Parenthood

Next Post

US offers $1 million for details on alleged Russian hacker

Related Posts

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at
Avatar
Read More