On Friday, August 6, Gigabyte confirmed that a small number of servers had been attacked with ransomware by a group of hackers known as RansomEXX. Reports from TechPowerUp place the total at 112 GB of stolen confidential data, much of which belonged to top-tier companies like Intel, AMD, and AMI.
In the screenshot of the rescue note, it appears that the hackers had demanded to speak to someone with the right to act on Gigabyte's behalf, with any contact from other parties that would result in the rescue collection. It is not known how much money the hackers demanded, but reports say gigabytes must act quickly to isolate the hacked servers from the network and incorporate local law enforcement to monitor the next crucial steps.
According to a Gigabyte representative who spoke Money UDM, the situation has been resolved since then. Now all the affected systems work normally thanks to the cooperation between Gigabyte and "technical experts from a number of external information security companies" (translated from Chinese).
The report also indicates that Gigabyte carried out rapid defensive cyber attacks in retaliation and has now revised its infrastructure, strengthening network security to protect it from future attacks. All of this is great news, but hackers could easily continue to own the confidential documents and perhaps still be planning to release them to the public.
Gigabyte has had a tough day. With some PSU models failing catastrophically on camera, the last thing the company needed was hacking as well. And with constantly evolving malware and tech giants being such juicy targets right now, companies will have to maintain strict measures to ensure their cybersecurity is up to date, and no less than those under strict NDA of the big names.