Business Continuity Management / Disaster Recovery , Cybercrime , Fraud Management & Cybercrime

Maze Ransomware Gang Strikes Chipmaker MaxLinear

Company Reports Some Data Exfiltrated, Refuses to Pay Ransom
Maze Ransomware Gang Strikes Chipmaker MaxLinear
MaxLinear's website

Semiconductor manufacturer MaxLinear confirmed this week that it was hit by the Maze ransomware gang in April and some "proprietary information" was exfiltrated and personally identifiable information exposed.

See Also: Digital Transformation & Cyber Risk: What You Need to Know to Stay Safe

MaxLinear notes in a Tuesday 8-K SEC filing: "We have no plans to satisfy the attacker's monetary demands. On June 15, 2020, the attacker released online certain proprietary information. We have engaged a third party capable of safely evaluating information posted on malicious websites to advise us with respect to the content of the information posted."

In a data breach notification sent to the California attorney general's office, the company states that it discovered the attack on May 24. But further investigation revealed the intruders were inside the company's network from April 15 to May 24.

MaxLinear produces processors that are used by telephone, cable and satellite operators, set-top box manufacturers, networking equipment providers and consumer technology providers, according to the company's website.

PII Exposed

The PII accessed by the Maze gang included name; personal and company email address and personal mailing address; employee ID number; driver's license number; financial account number; Social Security number; date of birth; work location; compensation and benefit information; dependent information; and date of employment, according to the SEC filing and the notice with California authorities.

The company did not indicate if this information is for employees, customers or both nor how many people were affected and declined to comment further.

Impact on Operations

MaxLinear provided some details about the impact of the attack in the 8-K SEC filing.

"On June 16, 2020 MaxLinear, Inc. announced a security incident resulting from a Maze ransomware attack affecting certain but not all operational systems within our information technology infrastructure. The ransomware attack has not materially affected our production and shipment capabilities, and order fulfillment has continued without material interruption," according to the filing.

MaxLinear told the California attorney general's office that once the breach was discovered, it immediately took all its systems offline, contacted law enforcement and hired a third-party cybersecurity firm to analyze what took place.

The SEC filing notes: "MaxLinear's internal information technology team, supplemented by a leading cyber defense firm, has been actively taking steps to contain and assess this incident. We have been able to re-establish certain affected systems and equipment, and this work is ongoing."

MaxLinear is offering free credit monitoring all those whose information was exposed in the breach.

Maze's Tactics

Brett Callow, a threat analyst with Emsisoft, confirmed that Maze had posted to its "Maze News" darknet website a claim that it had targeted MaxLinear and exfiltrated more than 1 TB of data.

Screenshot of Maze site highlighting MaxLinear breach (Source: Emsisoft)

Maze began adding an extortion element to its ransomware attacks in December 2019 when it created a website and began publicly shaming its victims. When a victim refused to pay a ransom to decrypt files, Maze threatened to make stolen information public if its demands were not met (see: Maze Ransomware Gang Dumps Purported Victim List).


About the Author

Doug Olenick

Doug Olenick

News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to joining ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.