Skip to main content

Hackers targeted AMD to steal huge 450GB of top-secret data

A data extortion group known as RansomHouse has asserted that it has stolen upwards of 450GB of sensitive data from AMD.

Team Red has since confirmed that it launched an investigation into the matter after the situation came to light.

A large monitor displaying a security hacking breach warning.
Stock Depot / Getty Images

As reported by Bleeping Computer and Tom’s Hardware, RansomHouse is not your regular hacking group that randomly targets whoever they can.

They have a more specific methodology — infiltrate a specific corporate network in order to extract any data it can obtain, after which a ransom demand is made if the victim doesn’t want it leaked or sold to others.

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

By providing updates over the past week via Telegram, RansomHouse stated it would soon make available for purchase tranches of data for a business that has three letters in its name, with the first letter being A.

As expected, on Monday, AMD was added to its website. It claims to be in possession of 450GB of data, but the exact details pertaining to what that contains remain unconfirmed.

Tom’s Hardware highlights how Restore Privacy reviewed the data published by the group — it found that it seemingly includes “network files, system information, as well as AMD passwords.” The website points out a caveat, though — whether the source of information has actually been extracted from AMD or one of its subcontractors is another question entirely.

In any case, RansomHouse said that AMD relied on extremely straightforward passwords such as, well, “password,” which is one of the ways it managed to gain access to its networks.

The semiconductor and GPU company’s network was compromised on January 5, 2022, according to the group’s statement.

However, RansomHouse told Bleeping Computer that its “partners” breached and gained access to AMD’s network around a year ago. January 5, 2022, is when the hackers ultimately lost that access.

A depiction of a hacker breaking into a system via the use of code.
Getty Images

AMD was not contacted by the group as it prefers to sell the data due to the perceived high value. It says that among the 450GB of stolen data is research and financial information. Such data is currently being analyzed so they can calculate an exact monetary value.

“No, we haven’t reached out to AMD as our partners consider it to be a waste of time: it will be more worth it to sell the data rather than wait for AMD representatives to react with a lot of bureaucracy involved,” a RansomHouse representative told Bleeping Computer.

Although ransomware was reportedly not involved in the breach, a leaked CSV shows a list of over 70,000 devices that are seemingly connected to AMD’s internal network, in addition to a purported list of AMD corporate credentials. As well as ‘password’, other weak passwords that were reportedly used by AMD employees also included “P@ssw0rd,” “amd!23,” and “Welcome1.”

Nvidia, Microsoft, Facebook, and other large corporations were all infiltrated throughout 2022 by the hacking group LAPSUS$, who also claimed to have breached all these firms predominantly via weak passwords.

Editors' Recommendations

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more
This Bing flaw let hackers change search results and steal your files
The new Bing preview screen appears on a Surface Laptop Studio.

A security researcher was recently able to change the top results in Microsoft’s Bing search engine and access any user’s private files, potentially putting millions of users at risk -- and all it took was logging into an unsecured web page.

The exploit was discovered by researcher Hillai Ben-Sasson at their team at Wiz, a cloud security firm. According to Ben-Sasson, it would not only allow an attacker to change Bing search results but would also grant them access to millions of users’ private files and data.

Read more
This major Apple bug could let hackers steal your photos and wipe your device
A physical lock placed on a keyboard to represent a locked keyboard.

Apple’s macOS and iOS are often considered to be more secure than their rivals, but that doesn’t make them invulnerable. One security team recently proved that by showing how hackers could exploit Apple’s systems to access your messages, location data, and photos -- and even wipe your device entirely.

The discoveries were published on the blog of security research firm Trellix, and will be of major concern to iOS and macOS users alike, since the vulnerabilities can be exploited on both operating systems. Trellix explains that Apple patched the exploits in macOS 13.2 and iOS 16.3, which were released in January 2023, so you should update your devices as soon as you can.

Read more