Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, on Friday said that no customer data were compromised in a cyberattack on one of its hardware suppliers.
Some information, including TSMC’s name, was leaked when the supplier was hacked on Thursday, but no TSMC data were stolen, the chipmaker said, without disclosing the name of the vendor.
After being informed of the cybersecurity breach, TSMC terminated the exchange of information with the supplier, in line with its security protocols and standard operating procedures, it said.
Photo: Reuters
TSMC’s hardware components are usually subject to extensive checks and adjustments, including security configurations, before being installed in its systems, it said.
The chipmaker said it remained committed to raising security awareness among its suppliers and ensuring that they comply with security standards.
Taiwanese law enforcement is investigating the incident, it said.
International news media reported that the attack was carried out by a Russia-linked ransomware gang called LockBit, which identified the Taiwanese chipmaker on its “dark Web” leak site on Thursday.
San Francisco-based technology news Web site TechCrunch said that the hardware supplier was Kinmax Technology (擎昊科技), an IT services and consulting group based in Hsinchu that specializes in networking, cloud computing, storage, security and database management.
The compromised information pertained to the initial setup and configuration of Kinmax’s servers, TechCrunch said.
LockBit was demanding TSMC pay US$70 million to prevent it from releasing data it claimed to have stolen from the chipmaker, TechCrunch quoted Equinix cyberthreat intelligence researcher William Thomas as saying.
TechCrunch said that TSMC had shared a copy of the communication it received from Kinmax, which showed that the supplier discovered on Thursday that its internal testing environment had been attacked and some information obtained.
The leaked data were largely information concerning the default configurations of system installations that the supplier provides to its customers, TechCrunch said, citing the Kinmax communication.
Kinmax has suggested that TSMC was not the only client affected by the attack, TechCrunch said.
Tech Web site Cybernews said that LockBit is known for its malware of the same name and has led numerous ransomware attacks since early last year, becoming the world’s most prolific ransomware syndicate.
LockBit has hit more than 1,800 companies, primarily using a “ransomware as a service” model to keep a portion of the profits that it pays to affiliates that carry out the attacks, Cybernews said.
LockBit claimed responsibility for a ransomware attack carried out in May against a plant in Mexico owned by Taiwan’s Hon Hai Precision Industry Co (鴻海精密), an iPhone assembler, TechCrunch reported.
Hon Hai, also known as Foxconn Technology Group (富士康科技集團), reported the attack, but has not disclosed how much money was demanded and whether it paid, TechCrunch said.
A magnitude 7.0 earthquake struck off Yilan at 11:05pm yesterday, the Central Weather Administration (CWA) said. The epicenter was located at sea, about 32.3km east of Yilan County Hall, at a depth of 72.8km, CWA data showed There were no immediate reports of damage. The intensity of the quake, which gauges the actual effect of a seismic event, measured 4 in Yilan County area on Taiwan’s seven-tier intensity scale, the data showed. It measured 4 in other parts of eastern, northern and central Taiwan as well as Tainan, and 3 in Kaohsiung and Pingtung County, and 2 in Lienchiang and Penghu counties and 1
FOREIGN INTERFERENCE: Beijing would likely intensify public opinion warfare in next year’s local elections to prevent Lai from getting re-elected, the ‘Yomiuri Shimbun’ said Internal documents from a Chinese artificial intelligence (AI) company indicated that China has been using the technology to intervene in foreign elections, including propaganda targeting Taiwan’s local elections next year and presidential elections in 2028, a Japanese newspaper reported yesterday. The Institute of National Security of Vanderbilt University obtained nearly 400 pages of documents from GoLaxy, a company with ties to the Chinese government, and found evidence that it had apparently deployed sophisticated, AI-driven propaganda campaigns in Hong Kong and Taiwan to shape public opinion, the Yomiuri Shimbun reported. GoLaxy provides insights, situation analysis and public opinion-shaping technology by conducting network surveillance
‘POLITICAL GAME’: DPP lawmakers said the motion would not meet the legislative threshold needed, and accused the KMT and the TPP of trivializing the Constitution The Legislative Yuan yesterday approved a motion to initiate impeachment proceedings against President William Lai (賴清德), saying he had undermined Taiwan’s constitutional order and democracy. The motion was approved 61-50 by lawmakers from the main opposition Chinese Nationalist Party (KMT) and the smaller Taiwan People’s Party (TPP), who together hold a legislative majority. Under the motion, a roll call vote for impeachment would be held on May 19 next year, after various hearings are held and Lai is given the chance to defend himself. The move came after Lai on Monday last week did not promulgate an amendment passed by the legislature that
Taiwan is gearing up to celebrate the New Year at events across the country, headlined by the annual countdown and Taipei 101 fireworks display at midnight. Many of the events are to be livesteamed online. See below for lineups and links: Taipei Taipei’s New Year’s Party 2026 is to begin at 7pm and run until 1am, with the theme “Sailing to the Future.” South Korean girl group KARA is headlining the concert at Taipei City Hall Plaza, with additional performances by Amber An (安心亞), Nick Chou (周湯豪), hip-hop trio Nine One One (玖壹壹), Bii (畢書盡), girl group Genblue (幻藍小熊) and more. The festivities are to
RSS