Apple Supplier TSMC Suffers Data Breach, Hackers Demand $70M
- Thread starter MacRumors
- Start date
- Sort by reaction score
Fat_Guy
macrumors 65816
Or: It’s just a song and dance by geeks on both sides that think too much of themselves.
DeepIn2U
macrumors G5
First T-Mobile is NOT 'versed' in security - they are a mobile services company.
The issue with T-Mobile USA is that they outsource their level 2 support - I know cause I used to work for on of the outsourced companies way back in 2001 here in Toronto.
Having access to BB accounts, Sidekick 2 accounts (Danger Inc reps were always cool to chat to and was something Andy Ruben started - his 2nd venture after Google btw), etc. Many mobile accounts (Vision 21 billing system) or access directly to the Nokia switches (sadly allowing some reps access to setup SIM cards for free service without connection to Vision 21) and to so many other internal accounts was NOT secure. I'm more than certain many were shared!
Cut backs have nothing to do with lack of security its simply lack of a proper security direction and execution of protocols run by an team of IT Security engineers that KNOW their stuff and get the power to enforce!
When you're dealing with THE largest Fortune 500 corporations as clients and make SoC's for so many top global clients ... you simply do NOT outsource your DB management - in terms of access: PERIOD. Service accounts MUST have proper 30-60-90 day expiry.
Managers again are NOT the main issue. ALL employees should be following quarterly IT Security testing and protocols to be properly implemented and watched. Again IT Security professionals that have the experience should be doing THEIR jobs properly and the executive teams should heed their warnings and implement security measures immediately with no excuse to circumvent. Most managers and executive team have no issues following such protocols even if it means an inconvenience to them.
BigBrotherNowWatching
Suspended
Just switch to Lockdown Mode on all of your Apple devices and your SAFE !
Well, that’s what Apple says
BigKahunaBurguer
macrumors regular
Sure, hire someone who attack and steal your property and ask for money just to not ruin your life. I’m sure you can trust on all of them. Omg, I don’t understand sometimes what people think… xD
Misleading title. It was TSMC’s supplier which suffered the data breach. Perhaps the title should be corrected before someone decides to try a defamation lawsuit. ’just some helpful advice. -PC
>”
…”
Gasu E.
macrumors 603
Kinmax, the IT services company, is HQed in Taiwan, and only has offices in Taiwan and China. Those impacted companies would only be using them for local operations, IF at all. Also, don't read too much into "Other Kinmax partners include Microsoft, Cisco, and VMware". Any IT company USES technology from those companies and quite likely supports those technologies at their customers sites-- that's most probably what they mean by "partners".
Last edited:
Gasu E.
macrumors 603
Kinmax is an IT service company. They support their customer's use of Microsoft, Cisco, and VMWare technologies, which are foundation products for IT services. That's what an IT service company does. When an IT service company talks about "partnerships", they are talking about the technologies they support. No IT company of significance would list their clients on their website-- that would be considered a breach of confidentiality that would have their clients looking for more reliable suppliers.
Elohim369
macrumors regular
My first thought was - it's not smart to ask for $70M because, how many assassins could one buy for that money?
Think about it; this is Asia.
The higher the ask, the more reasons are stacked against the hackers. Counter hacking attempts, secret services, private security firms, mercenaries... there may even be other hackers going after that valuable data haul independently...
Think about it; this is Asia.
The higher the ask, the more reasons are stacked against the hackers. Counter hacking attempts, secret services, private security firms, mercenaries... there may even be other hackers going after that valuable data haul independently...
Is anyone working on AI for adaptive firewalling honeypotting, etc? Seems like that is useful but much harder than question-answer style AI/LLMs.
Hey, they just make the stuff, they don't use it themselves! ha ha
DeepIn2U
macrumors G5
the key is which AI has been given the compute power and knowledge to decipher say 20xx-bit encryption and a service account for authentication and more so if given the ability to override or circumvent human action and overside to disable access.
THAT is the right questions
But give them the opportunity to live. If they can completely debug Windows 3.1 in 24 hours, then they will live. Otherwise...
I was involved in an online mining scam, I started trading with them at 05/02/2022 and discovered it was all fake , around 20/06/2022 after I have invested about $700,980 with them, I was so sad because I was already in a lot of debts and all my savings and salary were already in this fake mining platform. I was about given up in life before I read a testimony about MYSTERIOUS HACKER online how they helped people to recover their lost crypto currency, I contacted them and I was able to get back my money within 48 hours, you can contact MYSTERIOUS HACKER on: mysterioushack666@cyber-wizard.com the good thing is that there is no upfront payment.
robertmorris2
macrumors regular
companies hire people to see if they can exploit vulnerabilities in their systems all the time. it's a way to find out the weaknesses in a system. there are hacker conventions that are sponsored by tech companies for that reason. it's not unreasonable to hire someone who has the skills and know-how to help a company fix those vulnerabilities. that is what people think... you need to understand that