It looks like AMD was attacked by a group of cybercriminals RansomHouse. They claim to have data stolen from a well-known manufacturer of processors and video cards earlier this year. This is reported by The Register.
RansomHouse claims to have received the files during the hacking of the AMD network on January 5, 2022, and these are not materials from a previous leak of intellectual property. Relative newcomers among cybercriminals, also say they do not break the protection of systems and do not create and use programs that steal data. Instead, they act as intermediaries between criminals and victims who pay for what is stolen.
The message on the hidden site RansomHouse is about 450 GB of information. The group also posted samples of data allegedly stolen in January. An online security specialist checked the sample and reported that it contains network files, system information, and AMD passwords.
Criminals claim that their victims’ data was poorly protected.
“An era of high-end technology, progress and top security … there’s so much in these words for the crowds But it seems those are still just beautiful words when even technology giants like AMD use simple passwords like ‘password’ … to protect their networks from intrusion. It is a shame those are real passwords used by AMD employees,” they wrote on their website.
RansomHouse also included AMD in the list of companies that “either have considered their financial gain to be above the interests of their partners/individuals who have entrusted their data to them or have chosen to conceal the fact that they have been compromised”. According to experts, this may mean that the company has not yet paid a ransom for the stolen data.
Other specialists as well suggest that this may be a failed attempt to monetize the hack, and that actually stolen RansomHouse data may belong to an AMD partner. However, they are disguised as AMD’s property to cause more publicity in the media and increase pressure on the victim. Although earlier this year there were rumors that AMD had suffered a cyber attack, they have not yet been confirmed.