US chip maker Nvidia says hackers breached company, stole data

Hackers stole employee user logins and proprietary company data from Nvidia last week, the U.S. chip maker said Tuesday, but added that it has not seen evidence of a ransomware attack.

A ransomware group known as Lapsus$ claims to be leaking Nvidia data.

“We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict,” a company spokesperson said. “We are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online.”

The spokesperson did not answer questions about a Telegraph report that the incident partially shut down operations for two days. Nvidia says it has notified law enforcement about the Feb. 23 breach, contacted cyber incident response experts and bolstered its defenses.

It was a tumultuous February for the company. On Feb. 7, with regulatory hurdles mounting, the company abandoned a bid that began in September 2020 to purchase U.K. chip business Arm for $66 billion.

Nonetheless, on Feb. 16 Nvidia reported a record fiscal-year revenue of $26.9 billion.

Tuesday’s statement marks a progression from earlier remarks by the company on what happened.

“We are investigating an incident,” a spokesperson said on Feb. 25. “Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.”

Tonya Riley contributed to this story.