The Lapsus$ group stole the credentials of more than 71 thousand employees from Nvidia


As a result of a recent cyberattack on the Nvidia graphics card manufacturer, hackers stole the credentials of more than 71 thousand employees and published them online.

The Have I Been Pwned service, which allows users to find out whether their credentials have been compromised, this week added 71,335 accounts to its database, including email addresses and NTLM password hashes, many of which were decrypted after the leak and dispersed among hackers.

Recall that on March 1, Nvidia confirmed the hacking of its networks last month and the theft of employee credentials and proprietary information. The South American cyber extortion group Lapsus$ claimed responsibility for the attack, stating that it managed to steal 1 TB of data.

Last weekend, the group published a 20 GB archive with data stolen from the company’s networks and hashes of employees’ passwords. Lapsus$ also threatened to publish hardware specifications if Nvidia does not remove the LHR hashrate limiter from its GeForce RTX 30 video cards, which reduces their performance when mining cryptocurrencies. However , then the extortionists changed their minds and stated that they intend to develop a tool to bypass LHR themselves and sell it for $ 1 million.

Lapsus$ also demanded Nvidia to open the source code of drivers for video cards for Windows, macOS and Linux by March 4, threatening otherwise to publish data on all the latest video cards, including RTX 3090Ti, on the Network.

Start a discussion …
Source link