{
	"id": "4e32d0f1-eb41-4e3e-bc03-63577d03eb5d",
	"created_at": "2026-04-06T00:08:41.255817Z",
	"updated_at": "2026-04-10T03:21:50.583115Z",
	"deleted_at": null,
	"sha1_hash": "56a089812ed996657c55496970e175ea73464f40",
	"title": "TSMC denies LockBit hack as ransomware gang demands $70 million",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1809842,
	"plain_text": "TSMC denies LockBit hack as ransomware gang demands $70 million\r\nBy Bill Toulas\r\nPublished: 2023-06-30 · Archived: 2026-04-05 17:12:51 UTC\r\nChipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit\r\nransomware gang demanded $70 million not to release stolen data.\r\nTSMC is one of the world's largest semiconductor manufacturers, with its products used in a wide variety of devices,\r\nincluding smartphones, high performance computing, IoT devices, automotive, and digital consumer electronics.\r\nOn Wednesday, a threat actor known as Bassterlord, who is affiliated with LockBit, began to live tweet what appeared to be\r\na ransomware attack on TSMC, sharing screenshots with information related to the company.\r\nhttps://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nThese screenshots indicated that the threat actor had significant access to systems allegedly belonging to TSMC, displaying\r\nemail addresses, access to applications, and credentials for various internal systems.\r\nWhile this Twitter thread has since been deleted, the LockBit ransomware gang created a new entry for TSMC yesterday on\r\ntheir data leak site, demanding $70 million or they would leak stolen data, including credentials for their systems.\r\n\"In the case of payment refusal, also will be published points of entry into the network and passwords and logins company,\"\r\nreads the LockBit data leak entry for TSMC.\r\nLockBit's threat to TSMC (BleepingComputer)\r\nTSMC denies it was hacked\r\nA TSMC spokesperson told BleepingComputer that they were not breached, but rather the systems of one of their IT\r\nhardware suppliers, Kinmax Technology, were hacked.\r\n\"TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the\r\nleak of information pertinent to server initial setup and configuration,\" stated the spokesperson.\r\n\"At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security\r\nconfigurations, before being installed into TSMC's system.\"\r\n\"Upon review, this incident has not affected TSMC's business operations, nor did it compromise any TSMC's customer\r\ninformation.\"\r\nApart from validating that its systems had not been impacted in any way, TSMC states that it also stopped working with the\r\nbreached supplier until the situation cleared up.\r\nhttps://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nPage 3 of 5\n\n\"After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the\r\nCompany's security protocols and standard operating procedures. TSMC remains committed to enhancing the security\r\nawareness among its suppliers and making sure they comply with security standards,\" continued TSMC.\r\nFinally, the semiconductor company told BleepingComputer that the investigation of the cybersecurity incident continues\r\nand also involves a law enforcement agency.\r\nKinmax, the impacted supplier, has published a statement today explaining that it became aware of a compromise of a\r\nspecific testing environment in its network on June 29, 2023.\r\nThe company discovered that the intruders managed to exfiltrate some data from the accessed system, mainly concerning\r\nsystem installation and configuration guidance for customers.\r\n\"In the morning of June 29, 2023, the Company discovered that our internal specific testing environment was attacked, and\r\nsome information was leaked,\" reads the Kinmax statement.\r\n\"The leaked content mainly consisted of system installation preparation that the Company provided to our customers as\r\ndefault configurations.\"\r\nKinmax is not the corporate giant that TSMC is, so LockBit's demands for a $70 million ransom payment will likely be\r\nignored.\r\nWhile there appears to be a mixup as to who was comprimised in this attack, the $70 million ransom demand is one of the\r\nlargest seen to date.\r\nOther large ransom demands include a $50 million ransom for Acer, $50 million in an attack on CNA, $70 million in the\r\nKaseya supply chain attack, and $240 million in an attack on MediaMarkt.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nhttps://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nPage 4 of 5\n\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nhttps://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/"
	],
	"report_names": [
		"tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million"
	],
	"threat_actors": [],
	"ts_created_at": 1775434121,
	"ts_updated_at": 1775791310,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/56a089812ed996657c55496970e175ea73464f40.pdf",
		"text": "https://archive.orkl.eu/56a089812ed996657c55496970e175ea73464f40.txt",
		"img": "https://archive.orkl.eu/56a089812ed996657c55496970e175ea73464f40.jpg"
	}
}