Thousands of Nvidia employee passwords leak online as hackers’ ransom deadline looms
The ransomware group that claims to have taken a terabyte of data from chipmaking giant Nvidia is threatening to release the company’s “most closely-guarded secrets” today unless it meets the gang’s increasingly bizarre demands.
The Lapsus$ ransomware group, which first claimed responsibility for the data breach last week, has already started leaking data. According to data breach monitoring website Have I Been Pwned, the hackers stole the credentials of more than 71,000 Nvidia employees. Several Nvidia email addresses known to TechCrunch all appeared compromised, according to our checks. The data includes email addresses and Windows password hashes, according to HIBP, “many of which were subsequently cracked and circulated within the hacking community.”
While Nvidia previously confirmed that employee credentials were taken in the attack, the company declined to confirm whether it has notified those affected or forced password resets for compromised accounts. Despite the increasing fallout from the incident — and the hacking group’s looming deadline — Nvidia’s incident response page has not been updated since Tuesday.