Dominant Crypto Platforms Reluctant to Ban Russian Users
Source: Mark Tyson
However, the 71,355 figure does seem a bit high compared to what we know about Nvidia's current global workforce.
(Image credit: Shutterstock)
By now, even most casual tech industry observers are aware that Nvidia was hacked last week. Nvidia confirmed the attack, stating that it was "aware of a cybersecurity incident which impacted IT resources." The company went on to add that "we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online."
South America-based hacking group Lapsus$ claimed responsibility for the cyberattack and now apparently has leaked the credentials of Nvidia employees online. As confirmed by the Have I Been Pwned monitoring website, credentials for 71,355 employees are accessible. According to the site, the available data includes "over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community."
The first thing that caught our attention is the sheer number of employee accounts allegedly affected. Given that this number seemed out of the ordinary based on publicly-accessible information, we reached out to Nvidia for clarification. The company confirmed that it has over 20,000 employees worldwide, but could not give us a more specific number. So those leaked credentials could include former employees, employees with multiple accounts to access internal (and external) services, etc. In addition, we verified that several of our Nvidia contacts were identified in the February 2022 breach according to Have I Been Pwned.