Over 71,000 Nvidia accounts have personal data leaked following hack

An abstract image of padlocks overlaying a digital background.

(Image credit: Shutterstock) (Image credit: Shutterstock)

New effects of the recent Nvidia hack continue to surface, with the latest reports claiming thousands of employee accounts were affected.

BleepingComputer notes that the Have I Been Pwned? (HIBP) breach website has now listed 71,335 compromised Nvidia accounts as having login credentials and other data taken in the attack.

Wikipedia, as well as Macro Trends, claims Nvidia as approximately 18,000 employees across the world, meaning the effects of the attack could be being felt outside of the company.

RTX 3000 in trouble

The HIBP website, which aggregates all of the data breaches that happen around the world, and offers people a way to check if any of their online accounts had been compromised, said the Nvidia hackers took “email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community."

Nvidia has confirmed a network breach that had happened last month, in which the attackers obtained a terabyte of sensitive company data from its endpoints. The company described the attack as an “incident” that impacted some of its systems for a total of two days.

International ransomware threat actor LAPSUS$ has taken responsibility for the incident, and have so far offered a tiny glimpse into the data taken.

> Hackers demanding million-dollar prize for leaked Nvidia GPU mining bypass

> Hackers threaten to turn every Nvidia GPU into a Bitcoin mining machine

> We're all still making the same mistakes when it comes to secure passwords

The group has not made any demands in exchange for the data yet, but have offered a way for RTX 3000 GPU users to rid themselves of the hash rate limiter which limits the card’s Ethereum mining capability to approximately 50%.

The group said to have created, based on the data taken, a tool that can bypass Nvidia’s Lite Hash Rate limiter without “flashing” or updating the firmware on the device. However, it's hard to know if the tool works, or if it's just malware.

Furthermore, Lapsus$ allegedly demanded Nvidia to open-source its GPU drivers for Windows, macOS, and Linux devices until Friday, March 4, if they don’t want to have all the stolen information on its recent GPUs, including the RTX 3090Ti, leaked online.

Check out the best firewalls right now

Via: BleepingComputer

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.