AMD Data Held by Cyber Criminal Group RansomHouse
According to claims made by the cybercriminal group RansomHouse, the group is in possession of data stolen from Santa Clara, Calif.-based chip maker AMD.
While not taking credit for the initial intrusion on AMD's systems (allegedly taken place in January), RansomHouse claims it obtained "more than 450 GB" of data, which includes intellectual property, from a third party.
Security firm Restore Privacy examined the incident and posted its findings in a blog post this week. In it, the firm, which specializes in online privacy, said they had analyzed data samples from the compromised load provided by RansomHouse and confirmed that the AMD data is both in possession of the cybercriminal group and available on the darknet.
The firm also confirmed that AMD was using simple passwords to protect their network, an assertion made by RansomHouse in an online statement:
An era of high-end technology, progress and top security…there’s so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords like ‘password’ [others passwords redacted] … to protect their networks from intrusion. It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our hands on -- all thanks to these passwords.
RansomHouse is a relatively new group that identifies as a "professional mediator community" and allege that they do not take part in ransomware attacks or help in the creation or distribution of any hacking tools. Since being formed in December 2021, the group has taken credit for the acquisition of compromised data from six organizations, while maintaining a "grey hat" aura – hackers who circumnavigate the law and use nefarious methods without holding malicious intent.
AMD has not disclosed any information about the incident and has only provided Restore Privacy with a brief statement: "AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway."