NVIDIA Data Breach

Nvidia Corporation is an American multinational technology company incorporated in Delaware and based in Santa Clara, California. It designs graphics processing units for the gaming and professional markets, as well as system on a chip units for the mobile computing and automotive market. 

NVIDIA official logo. Credits: nvidia.com

The Lapsus$ ransomware group claims to have stolen 1TB of data from the chipmaking giant Nvidia. As hackers, allegedly haven’t reached an agreement with a victim, published a sample of the stolen data on their darknet website.

Among files of source code hackers leaked credentials of more than 71,000 Nvidia employees.

While Nvidia confirmed that employee credentials were taken in the attack, the company declined to confirm whether it has notified those affected or forced password resets for compromised accounts. Despite the increasing fallout from the incident — and the hacking group’s looming deadline — Nvidia’s incident response page has not been updated since Tuesday, March 3.

The hackers are now threatening to release Nvidia’s trade secrets, including schematics, source code and information on recent Nvidia graphics chips, including the as-yet-unannounced RTX 3090 Ti, unless Nvidia meets the group’s unusual demands. The group called on Nvidia to remove its controversial Lite Hash Rate (LHR) feature, which limits the Ethereum mining capabilities of its RTX 30 series graphics cards. This feature was introduced in early-2021 in response to having its stock depleted by the crypto-mining community, making it impossible for gamers to get their hands on the new graphics cards.