MSI attackers leak over 500GB of stolen data


A data breach of a major Taiwanese computer manufacturer culminated in cybercriminals leaking several of the company’s databases, acquired in a recent ransomware attack.

Money Message ransomware cartel published nearly 528GB of data supposedly taken from the Taiwanese computer manufacturer Micro-Star International (MSI).

The leak consists of three databases, two of them dating back to 2022 – January 19 and September 17 – and the other from January 23 this year. The data dump was first spotted by security researcher Dominic Alvieri on April 13.

ADVERTISEMENT

Earlier this month, MSI confirmed the company suffered a cyberattack, with attackers supposedly demanding several million dollars in ransom for the stolen MSI source code.

Source code leaks pose severe security issues to companies, as threat actors can get a glimpse of the company’s intellectual property and system data. Revealing source code can allow attackers to subsequently craft targeted security exploits.

“MSI urges users to obtain firmware/BIOS [basic input/output system] updates only from its official website, and not to use files from sources other than the official website,” MSI said in a statement confirming the April attack.

According to researchers at cybersecurity firm Cyble, the Money Message ransomware gang is a relative newcomer to the market, first observed last month. While the gang was only detected this year, it has already targeted several multi-billion dollar organizations, Cyble claims.

MSI is a major information technologies player in the global market, with a presence in over 100 countries and a yearly revenue hovering close to $6 billion (TWD180 billion).