Over 71,000 Nvidia accounts have personal data leaked following hack
Lapsus$ threat actor has caused havoc after breaching Nvidia networks
New effects of the recent Nvidia hack continue to surface, with the latest reports claiming thousands of employee accounts were affected.
BleepingComputer notes that the Have I Been Pwned? (HIBP) breach website has now listed 71,335 compromised Nvidia accounts as having login credentials and other data taken in the attack.
Wikipedia, as well as Macro Trends, claims Nvidia as approximately 18,000 employees across the world, meaning the effects of the attack could be being felt outside of the company.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
RTX 3000 in trouble
The HIBP website, which aggregates all of the data breaches that happen around the world, and offers people a way to check if any of their online accounts had been compromised, said the Nvidia hackers took “email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community."
Nvidia has confirmed a network breach that had happened last month, in which the attackers obtained a terabyte of sensitive company data from its endpoints. The company described the attack as an “incident” that impacted some of its systems for a total of two days.
International ransomware threat actor LAPSUS$ has taken responsibility for the incident, and have so far offered a tiny glimpse into the data taken.
The group has not made any demands in exchange for the data yet, but have offered a way for RTX 3000 GPU users to rid themselves of the hash rate limiter which limits the card’s Ethereum mining capability to approximately 50%.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The group said to have created, based on the data taken, a tool that can bypass Nvidia’s Lite Hash Rate limiter without “flashing” or updating the firmware on the device. However, it's hard to know if the tool works, or if it's just malware.
Furthermore, Lapsus$ allegedly demanded Nvidia to open-source its GPU drivers for Windows, macOS, and Linux devices until Friday, March 4, if they don’t want to have all the stolen information on its recent GPUs, including the RTX 3090Ti, leaked online.
- Check out the best firewalls right now
Via: BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.