Skip to main content

Nvidia admits data leak, doesn’t say if it hacked back

Nvidia logo
Image Credit: Getty Images

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More


Technology giant Nvidia said Tuesday that a “cybersecurity incident” last Wednesday has led to a leak of employee credentials and proprietary information online.

Following reports about the breach last week, a threat actor claimed to have attacked Nvidia, one of the largest producers of graphics chips, and threatened to post company information on its public Telegram channel.

The threat actor, Lapsus$, which is believed to operate in South America, also posted a message saying that Nvidia had hacked back. Nvidia has not responded to an inquiry on that possibility and did not address that element in its statement.

Lapsus$ said on its Telegram channel that 1TB of data was removed by Nvidia, and that Nvidia had encrypted the group’s data (though the group says it had a backup). Often, the goal of hacking back is to prevent leaks of stolen data.

A source with knowledge of the matter told VentureBeat that the threat actor’s claim that Nvidia hacked back is “untrue.”

“Nvidia did not hack the threat actor or deploy malware in retaliation to the attack,” the source said.

Data leaked online

In a statement provided to VentureBeat today, Nvidia said that “we are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online.” The company did not provide further specifics on what information was leaked.

“Our team is working to analyze that information,” Nvidia said. “We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”

The company described the attack last Wednesday as a “cybersecurity incident which impacted IT resources.”

“Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement,” Nvidia said in the statement, adding that “we have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict.”

Russia-Ukraine not a factor

Previous reports had indicated that ransomware may have been involved, but noted that there did not appear to be a Russia-Ukraine connection. The U.S. government has warned of increased threat of cyberattacks on U.S. businesses and agencies in the midst of Russia’s invasion of Ukraine, which has included several cyberattacks that Russia is suspected of perpetrating.

“Security is a continuous process that we take very seriously at Nvidia — and we invest in the protection and quality of our code and products daily,” the company said in its statement.

The cyberattack against Nvidia was first reported by The Telegraph, which said Friday that the company had been investigating “a potential cyberattack that has taken parts of its business offline for two days.” That timetable fits with what Nvidia disclosed in terms of an attack on Wednesday.

Quoting an unnamed “insider” at Nvidia, The Telegraph reported that the potential cyberattack had “completely compromised” internal systems at the company — “although some email services were working on Friday,” the report said.

The potential “malicious network intrusion” had caused outages for the company’s email systems and developer tools, the report said.