On Friday, August 6, Gigabyte confirmed a small number of its servers had been under ransomware attack by a hacker group known as RansomEXX. Reports from TechPowerUp place the total at 112GB of confidential data stolen, much of which belonged to top companies like Intel, AMD, and AMI.
From the ransom note screenshot, it appears the hackers had demanded to speak to someone with the right to act on Gigabyte's behalf, with any contact from other parties resulting in the ransom being raised. There's no word on how much money the hackers demanded, but reports note Gigabytes quick action to isolate the hacked servers from the network, and bring local law enforcement in to oversee the crucial next steps.
According to a Gigabyte representative who spoke to Money UDM, the situation has since been resolved. All affected systems are now operating normally thanks to cooperation between Gigabyte and "technical experts from a number of external information security companies" (translated from Chinese).
The report also indicates that Gigabyte carried out swift defensive cyber attacks in retaliation, and has now reviewed its infrastructure, strengthening its network security to protect from future attacks. This is all great news, but the hackers could easily still be in posession of the confidential docs, and may still be planning to release them to the public.
It's been a rough few days for Gigabyte. With certain PSU models catastrophically failing on camera, the last thing the company needed was to get hacked, too. And with malware evolving constantly, and tech giants being such juicy targets at the moment, companies will need to keep stringent measures to ensure their cybersecurity is up to date—not least those under strict NDAs from the big names.