AMD reportedly fell victim to a data breach, with attackers extracting gigabytes of data from the company. Now, attackers are using a broker to try to sell that data back.
according to one Tom’s Hardware In this report, the mediator is a group called RansomHouse, a relatively new threat actor that claims not to attack companies with ransomware. (opens in new tab) itself, but serves as an intermediary in negotiations.
The group claims to have “over 450Gb” of data from AMD, including “network files, system information and passwords”, following a breach in January. It is unclear whether the declaration should read 450 gigabytes (GB) or gigabits (Gb); if the latter, the group claims to have around 56GB of data from AMD.
RansomHouse also says that AMD employees’ security practices were abysmal, using simple credentials like “password” to protect their digital facilities, which suggests the malware (opens in new tab) played no role in the breach.
AMD says it is aware of the situation and that an investigation is ongoing. Pro contacted the company for further clarification and will update this part with any additional information.
So far, the authenticity of the stolen files has not been confirmed. What we do know is that AMD did not pay any ransom fees, as the RansomHouse website lists AMD as companies that “considered their financial gain above the interests of their partners/individuals who entrusted their data to them or chose to hide the fact.” that they were compromised.”
RansomHouse has been around for about half a year and claims to have extorted Saskatchewan Liquor, Gaming Authority (SLGA) and ShopRite.