NVIDIA finally confirms the data breach after a ransomware gang claimed responsibility last Saturday.
The breach includes confidential data about the tech company's software and hardware.
The threat actors that carried out the breach are called Lapsus$. The group of hackers stated that they were able to seize 1TB of data from the company.
The company is being held in ransom over an Ethereum hash rate limiter that was installed on its most recent graphics card release.
NVIDIA's Data Breach
NVIDIA stated that they are aware that the threat actors took sensitive information such as employee credentials and proprietary information from the company's system.
The breach occurred just one day before the political turmoil and aggression started between two countries in Eastern Europe.
This led numerous people in the community to assume that the hack NVIDIA experienced is part of the work of Russian state-sponsored hackers.
However, NVIDIA clarified the rumor and stated that there is no evidence that the hacking in their systems is related to the onslaught in Eastern Europe. In addition, the threat actors Lapsus$ also denied their involvement in the political conflict.
According to the GPU manufacturer, after becoming aware of the intrusion on Wednesday (Feb. 23), NVIDIA notified law enforcement and enlisted the assistance of cyber-security professionals in response to the attack.
LAPSUS$ Hacking Motivation
During the hacking, NVIDIA was aware throughout and made efforts to stop the breach from infiltrating their systems. During this period, they "quickly escalated to the level of system administrator for a large number of systems."
NVIDIA attempted to retaliate by encrypting a machine the hackers were using to retrieve data from the company.
However, the effort was unsuccessful due to the quick work of LAPSUS$. The group swiftly possessed all of the information it required. Furthermore, they also revealed that they had been successful in obtaining data they described as being of critical importance.
The threat actors behind the hacking revealed that they had been in NVIDIA's systems for about a week.
The group also stated that it has "decided to help [the] mining and gaming community" by demanding NVIDIA to push an update for all GeForce RTX 30 Series Firmware, which will remove any restrictions placed by the company on the cards.
If NVIDIA refuses to comply with the group's demands, they will release a folder containing instructions on how to remove the tech giant from the market.
According to the group, if they remove the LHR, "we will forget about [the] hw folder." LASPSUS$ also stated that they are aware of the negative impact of LHR on mining and gaming.
Leaked Next-Generation GeForce GPU
According to the leak, there will be six GPUs based on the AD100 architecture, which will be named after Ada Lovelace.
The PC Gamer observed that the next-generation lineup will look good next to the graphics chips that came out of the Ampere generation. The company is going to use AD102, AD103, AD104, AD106, AD107, and AD10B chips to make the next generation of GeForce GPUs.
However, official information about the new graphics cards still remains unknown. It is also not yet confirmed where the chips are going to be made, how big they are, or when users can expect to see them in stores.