Microchip Technology Incorporated, an American semiconductor supplier, has confirmed that employee information was stolen from systems compromised in an August cyberattack claimed by the Play ransomware gang. The company, headquartered in Chandler, Arizona, has around 123,000 customers across various industry sectors.
The incident occurred on August 17 and impacted the company’s ability to meet orders, forcing it to shut down some of its systems and isolate the affected ones. Microchip Technology revealed that its operationally critical IT systems are now back online, with operations “substantially restored” and the company processing customer orders and shipping products for over a week.
While investigating the breach, Microchip Technology found that attackers had stolen employee data from its systems, including contact information and some encrypted and hashed passwords. However, the company has yet to find evidence that customer information was also exfiltrated during the breach.
The Play ransomware gang claimed responsibility for the attack on August 29 by adding the American chipmaker to their data leak website on the dark web. They threatened to leak more stolen data if the company doesn’t react to the leak.
Source: https://www.bleepingcomputer.com/news/security/microchip-technology-confirms-data-was-stolen-in-cyberattack/