The new portion of significant data incidents
07.04.2023Back to news
Recently details on a number of tremendous data related incidents were exposed.
The first incident affected Western Digital, which is an American computer drive manufacturer and data storage company. As it was reported by the company representatives, an unauthorized third party gained access to a number of Western Digital's internal systems on March 26. The investigation is in progress and still not many details are known.
Preliminary, intruders managed to obtain and exfiltrate some data from the corporate infrastructure. The real scope of the incident, amount of data stolen, as well as the type of this data isn’t revealed yet. Probably, the incident is linked to ransomware.
The second incident affected the MSI company, which is the information technology corporation. MSI develops computer hardware and related products. Cybercriminals claim obtaining and stealing approximately 1,5 Tb of data. They demand $4 mln. ransom, otherwise, intruders warned to expose the stolen data within a few days. According to the BleepingComputer, intruders exposed a few screenshots of what they claim to be:
• Hardware vendor's CTMS and ERP databases
• Files containing software source code, private keys, and BIOS firmware.
The insider related incident affected the SAMSUNG company as well. Employees of the company accidentally leaked part of source code. Currently it was reported about three cases of confidential data leak:
• An engineer of the semiconductor department put the source code into the ChatGPT string and asked the AI to check it
• In the second case, another person sent the source code to ChatGPT for optimization
• The third leak occurred when an employee tried to create a meeting minutes and shared customer’s corporate data with the chat bot.