MSI attackers leak over 500GB of stolen data

A data breach of a major Taiwanese computer manufacturer culminated in cybercriminals leaking several of the company’s databases, acquired in a recent ransomware attack.

Money Message ransomware cartel published nearly 528GB of data supposedly taken from the Taiwanese computer manufacturer Micro-Star International (MSI).

The leak consists of three databases, two of them dating back to 2022 – January 19 and September 17 – and the other from January 23 this year. The data dump was first spotted by security researcher Dominic Alvieri on April 13.

Earlier this month, MSI confirmed the company suffered a cyberattack, with attackers supposedly demanding several million dollars in ransom for the stolen MSI source code.

Source code leaks pose severe security issues to companies, as threat actors can get a glimpse of the company’s intellectual property and system data. Revealing source code can allow attackers to subsequently craft targeted security exploits.

“MSI urges users to obtain firmware/BIOS [basic input/output system] updates only from its official website, and not to use files from sources other than the official website,” MSI said in a statement confirming the April attack.

According to researchers at cybersecurity firm Cyble, the Money Message ransomware gang is a relative newcomer to the market, first observed last month. While the gang was only detected this year, it has already targeted several multi-billion dollar organizations, Cyble claims.

MSI is a major information technologies player in the global market, with a presence in over 100 countries and a yearly revenue hovering close to $6 billion (TWD180 billion).