Data Leak banner

Nexperia reports security breach following ransomware data leak

2 Mins Read

PureVPNNewsNexperia reports security breach following ransomware data leak

Dutch chipmaker Nexperia, a subsidiary of Chinese company Wingtech Technology, has officially confirmed a significant breach of its network. A ransomware gang known as Dark Angels claimed responsibility for the breach and leaked samples of what it claims to be stolen data from Nexperia on their website called Dunghill Leak.

Immediate Actions Taken by Nexperia

Following the breach, which occurred in March 2024, Nexperia took swift action to mitigate the impact. According to a statement released by the company. “Nexperia has become aware that an unauthorized third party accessed certain Nexperia IT servers in March 2024,” the statement read

“We promptly took action and disconnected the affected systems from the internet to contain the incident and implemented extensive mitigation.” The company also engaged external cybersecurity experts to help assess and fortify their security posture, aiming to prevent future incidents. 

“We also launched an investigation with the support of third-party experts to determine the nature and scope of the incident and took strong measures to terminate the unauthorized access,” Nexperia stated.

Details of the Data Leaked

On April 10, the ransomware group escalated their threats by posting samples of the stolen data on their website, which included:

  • Microscope scans of electronic components
  • Passports and personal IDs of employees
  • Confidential non-disclosure agreements

The total data at risk includes approximately 1 terabyte, segmented as follows:

  • 371 GB of product designs and proprietary company data
  • 246 GB of engineering research and internal reports
  • 96 GB of marketing strategies and commercial analyses
  • 41.5 GB of personal employee information
  • 109 GB of client data involving major corporations like SpaceX and Apple
  • 121.1 GB of assorted files including emails and administrative documents

Nexperia added to the Dunghill Leak site (Source: BleepingComputer)

These figures are particularly alarming as they represent a comprehensive breach impacting nearly all facets of Nexperia’s operations.

Dunghill Leak’s Connection to Dark Angels

Dark Angels leverage the Dunghill Leak to exert pressure on their victims to meet ransom demands. Notably, in September 2023, Dark Angels had compromised Johnson Controls, a major player in building automation. 

During this breach, they encrypted data on the company’s VMWare and ESXi servers. Despite threats to release the stolen data on the Dunghill Leak website if their ransom demands were not met, these disclosures were not made public.

As of now, the Dunghill Leak site lists twelve victims. The data related to eight of these entities has been released in full or in part. Two additional cases are noted as having their data ‘sold on the dark web.’ 

Final Word

As companies continue to grapple with the advancements in ransomware and cyber-attacks, the incident at Nexperia underscores the need for continuous improvement in digital security measures.

author

Anas Hasan

date

April 16, 2024

time

8 months ago

Anas Hassan is a tech geek and cybersecurity enthusiast. He has a vast experience in the field of digital transformation industry. When Anas isn’t blogging, he watches the football games.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.