RansomHouse, a data extortion group, has claimed that it has hands on more than 450GB of sensitive data from AMD.
RansomHouse is not those common hacking groups that arbitrarily targets whoever they can. According to Bleeping Computer, RansomHouse is a data extortion gang that hacks corporate networks, steals and holds up data, and then demands a ransom in exchange of not publicly leaking the data or sell it to other miscreants.
If claims are to be believed, RansomHouse has gotten the files from a breach into AMD’s network on January 5, 2022, it said. And it is not from the previous leak of its intellectual property.
Online privacy expert RestorePrivacy wrote in blogpost that it had studied the samples of the data and found that it comprises network files, system information, and AMD passwords gathered in the alleged breach. RansomHouse said that AMD used simple password to secure its network.
“An era of high-end technology, progress and top security…there’s so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords like ‘password’ [others passwords redacted] … to protect their networks from intrusion. It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our our hands on – all thanks to these passwords.”
RansomHouse also tags AMD on a list of targets that they claim, “either have considered their financial gain to be above the interests of their partners / individuals who have entrusted their data to them or have chosen to conceal the fact that they have been compromised.”
RestorePrivacy blog, however, indicate that AMD is yet to pay a ransom for the stolen data.
AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway,” RestorePrivacy quoted AMD Communications Director.