A Hacker Gang Claims It Stole AMD’s Data. Were Bad Passwords to Blame?

A cybercrime gang claims that it just lately stole 450 gigabytes of information from international chipmaker AMD by merely guessing staff’ horrible passwords.

According to a report from Restore Privacy, the e-crime gang RansomHouse claims to have come into possession of a big trove of AMD’s knowledge and has now revealed a few of it to their “leak site.” Such websites are utilized by extortionist cybercrime gangs to goad knowledge theft victims into paying ransoms for his or her stolen data. The knowledge appears to incorporate “network files, system information, as well as AMD passwords,” the outlet experiences.

It’s not completely clear how the info was stolen, although the gang has insinuated it was as a result of AMD staff had godawful, ineffective passwords.

“An era of high-end technology, progress and top security… there’s so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords to protect their networks from intrusion,” RansomHouse wrote on its web site, according to TechCrunch. “It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our hands on — all thanks to these passwords.”

Indeed, the login credentials revealed within the obvious breach seem to have included such well-known horrible passwords akin to “123456″ and “Welcome1,” TechCrunch reports, after viewing a few of the knowledge. If that’s the case, then about 5 minutes of password guessing would have in all probability helped any cybercriminal price their salt breach the corporate’s techniques.

When reached for comment by Gizmodo, AMD said that it was “aware of a bad actor claiming to be in possession of stolen data from AMD” and that an “investigation is currently underway.” It’s not totally clear whether the gang has asked for a ransom in return for the information, whether the gang is simply leaking the company’s data for the hell of it, or how much of what the gang is saying is true.

RansomHouse is a comparatively new gang that seems to have first popped up in direction of the tail finish of 2021. While it appear to resemble a ransomware gang, it’s apparently doesn’t truly develop or use any malware, preferring to easily steal knowledge and extort companies with reams of hijacked data. The gang beforehand took credit for hacking targets lesser identified within the U.S., akin to a big African purchasing chain known as ShopRite and the Saskatchewan Liquor and Gaming Authority.