MSI, the Taiwanese PC company, has officially confirmed that it was the victim of a cyber attack on its systems. The company promptly initiated incident response and recovery measures after detecting network anomalies and alerted law enforcement agencies. However, MSI did not disclose any specifics about the attack or whether any proprietary information, including source code, was exfiltrated. The affected systems have gradually resumed normal operations, with no significant impact on financial business. MSI is setting up enhanced controls of its network and infrastructure to ensure data security.
The disclosure comes as a new ransomware gang, Money Message, added MSI to its list of victims. The group utilizes a double extortion technique to target its victims, which involves exfiltrating the victim’s data before encrypting it. Cyble noted in an analysis published this week that the group uploads the data on their leak site if the ransom is unpaid.
In response, MSI is urging users to obtain firmware/BIOS updates only from its official website and refrain from downloading files from other sources. This development comes a month after Acer confirmed a breach of its own that resulted in the theft of 160 GB of confidential data. The stolen data was advertised for sale on the now-defunct BreachForums.
It is important for companies to enhance their network security and take necessary measures to prevent cyber attacks. MSI’s disclosure highlights the need for enhanced controls and vigilance to protect confidential data.