Extortion group RansomHouse claims to have gigabytes of sensitive data stolen from AMD

nanoguy

Posts: 1,232   +24
Staff member
Why it matters: The number of cyberattacks doubled in 2021 compared to the previous year, and experts predict the situation will only get worse. Targets range from individuals to very large organizations like AMD, whose corporate network may have been breached earlier this year. A group called RansomHouse is now trying to sell a treasure trove of data stolen from the chipmaker on the dark web.

A report from Restore Privacy suggests AMD may have been the target of a cyberattack. According to the publication, the RansomHouse group claims it has managed to come into possession of sensitive information stolen from the chipmaker.

RansomHouse is a relative newcomer to the ransomware market that is believed to have emerged in December 2021. In the meantime, it has targeted organizations like the Saskatchewan Liquor and Gaming Authority and Shoprite, which is the largest supermarket chain in Africa.

It seems the group's ambitions have grown considerably in the last few months, but there are some issues with the latest claim that it has a treasure trove ripped from AMD's enterprise systems. For one, RansomHouse is known to be more of a "mediator" between the actual attackers and the victims rather than a traditional ransomware gang.

Another issue is the group's announcement on the dark web, which states the data totals "450 Gb." It's not clear whether the figure is intentionally expressed in "gigabits" instead of "gigabytes" to make it seem larger, but RansomHouse says it obtained the data on January 5.

Interestingly, a sample of the stolen data suggests that some AMD employees use really simple and weak passwords such as "password," which is supposedly why the data breach was so easy to perform. That's hardly a surprise when you consider that recent studies have found company executives tend to use the same terrible passwords as other people.

An AMD spokesperson says the company is aware of these claims but didn't go into any details. The only thing we are told is that an investigation is "currently underway."

Former cybersecurity reporter for The Record, Catalin Cimpanu, believes RansomHouse may be trying to sell data stolen from one of AMD's partners rather than AMD itself. We'll have to wait and see, but Emsisoft threat analyst Brett Callow notes the group may be related to the malicious actors behind the WhiteRabbit ransomware.

Masthead credit: Sebastiaan Stam

Permalink to story.

 

Todd Sauve

Posts: 60   +75
You would think a computer tech company like AMD would have the common sense to have competent security people handling their intellectual property. It seems not ... Why is this so common among computer companies? πŸ™„πŸ™„πŸ™„
 

VitalyT

Posts: 6,271   +6,839
You would think a computer tech company like AMD would have the common sense to have competent security people handling their intellectual property. It seems not ... Why is this so common among computer companies? πŸ™„πŸ™„πŸ™„
It's like the saying - "Trust the politicians, they know what they are doing" :)

If you can spot at least 3 problems in that one sentence, there may be hope for you...
 

Lionvibez

Posts: 2,676   +2,452
You would think a computer tech company like AMD would have the common sense to have competent security people handling their intellectual property. It seems not ... Why is this so common among computer companies? πŸ™„πŸ™„πŸ™„

Or more likely the breach was one of their partners just like the intel breach a few months ago.

And it doesn't matter how secure your systems are when humans are involved.

All it takes is one computer illiterate noob and I don't know how many places you have worked but most companies are filled with them.
 

Todd Sauve

Posts: 60   +75
Money. It's always money.
That's no doubt what they will say. But multi billion dollar companies cannot use that excuse. AMD has always been a pretty sloppily led company. Thus their many, many bungles of what should be pretty straightforward decisions in regard to their business. πŸ€·β€β™‚οΈπŸ™„
 

hahahanoobs

Posts: 4,521   +2,493
That's no doubt what they will say. But multi billion dollar companies cannot use that excuse. AMD has always been a pretty sloppily led company. Thus their many, many bungles of what should be pretty straightforward decisions in regard to their business. πŸ€·β€β™‚οΈπŸ™„

As you said, "Why is this so common among computer companies?"

Exactly. It's not exclusive to AMD.

It's always about money. You're not gonna spend time money and resources if said company is confident with their security protocols.