Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireCybersecurity News

Gigabyte victim to ransomware again

By Maria Henriquez
data-leak-freepik2067.jpg
October 22, 2021

Gigabyte Technology, a Taiwanese manufacturer and distributor of computer hardware, has allegedly suffered a massive data breach as a result of a ransomware attack. 


The AvosLocker ransomware gang is claiming to be behind the breach, leaking a sample of “stolen files” from Gigabyte’s network and offering to sell the rest of the data.


The threat actors posted a “press release,” announcing that it had hacked the Taiwanese company. PrivacySharks and Threatpost confirmed the leaked files appear to contain confidential details regarding deals with third-party companies and personally identifiable information about employees. 


“Gigabyte INC suffered a breach, and this is a sample of the files we’ve downloaded from their network. Barracuda NDA + full dir list leaked in [the] sample,” AvosLocker said. 


The ransomware group has threatened to leak more data from Gigabyte’s network if the company refuses to negotiate, according to PrivacySharks. In addition, PrivacySharks researchers say, “We hope that there are no Gigabyte private master keys included in this leak which could potentially see a new supply chain attack like the Solarwinds Supply Chain Attack. If the leak does include keys, these could be used to impersonate Gigabyte, forcing servers and motherboards to download fake updates and drivers, etc.”


The leaked data contains files from as recently as May 2021, as reported by PrivacySharks, and includes the following:

  • Potential credit card details. Fortunately, if these files contain credit card information, the credit cards may be expired as this folder is from 2014.
  • Password and username details.
  • Employee payroll details.
  • HR agreements with consultants as well as full names, images, and CVs.
  • 10 PDF documents in a file named ‘Passports.’
  • Information on over 1,500 job candidates, including full names, CVs, resumes, and applications. There are also Zoom internet details with what appears to be personal information on each candidate.
  • A folder named ‘Mailchimp’ containing GSM Account Database information. This could include email addresses.
  • A zip folder containing an NDA and information of a deal with Barracuda Networks worth $100,000+
  • In addition to Barracuda Networks, the leak includes various data from the following well-known companies: Blizzard, Black Magic, Intel, Kingston, Amazon, BestBuy.
  • A .txt file named ‘Tree’ containing 133,352 lines of folder and file names stolen in the breach.
  • Business expenses from trips such as ‘Hawaii 2019’, including money spent on Luau drinks, uber trips, and tips.
  • Images from company events, including Christmas parties, Halloween parties, and ‘Tony’s Birthday.’


Furthermore, the leaked data risks not only company reputation, but also Gigabyte’s relationships with third-party companies as highly confidential deals and NDAs have been exposed. 


Chris Morgan, Senior Cyber Threat Intelligence Analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, says, “The recent incident affecting Gigabyte is the second time the Taiwanese company has been impacted by a ransomware attack in the past three months. The RansomExx group targeted Gigabyte in August 2021, which resulted in the theft of 112GB of data. However, it is yet unclear whether this is connected to the recent attack by AvosLocker.”


Avoslocker is a relatively new ransomware group and was first observed in June 2021, Morgan explains. “They are based on the ransomware-as-a-service (RaaS) business model. This involves ransomware developers renting out their malware and infrastructure to affiliates, who conduct attacks on their behalf in return for a share of profits. AvosLocker is distinctive due to its use of an auction feature for stolen data, which the group introduced in mid-September; this followed the introduction of a similar feature by the REvil group in June 2021. This allows interested parties to pay for the data that AvosLocker steals from their victims, though it is unclear how successful this feature has been in terms of providing an additional revenue source for the group.”


“The details in the file tree should be extremely concerning to Gigabyte as they consider the impact of this breach, notes Jake Williams, Co-Founder and CTO at BreachQuest, an Augusta, Georgia-based leader in incident response. “In most double extortion schemes, the data theft focuses on quantity rather than quality. The file tree from this dump suggests that, in this case, the threat actor focused on quality. The AvosLocker double extortion model includes the sale of data for those that don’t pay, rather than just free release. To facilitate sales, AvosLocker must steal data that’s worth buying. The file tree (directory listing) teased by AvosLocker certainly appears to be the kind of data that would be valuable to a multitude of cybercriminals. In addition to personal data, the dump would also seemingly include contract details that will doubtlessly damage relationships with vendors and cause significant reputational losses for Gigabyte. It also seems likely there are trade secrets included in the dumps. However, the quantity and quality of those trade secrets are difficult for outsiders to evaluate based on file and directory names. But one thing is for sure — Gigabyte is feverishly evaluating the contents of the files in the directory listings and evaluating the impact of their probable release.”

KEYWORDS: cyber security data breach ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • black screen with multicolored text and white lock

    50 percent of organizations fell victim to ransomware in 2022

    See More
  • criminal-on-laptop.jpg

    Lumen falls victim to 2 ransomware attacks

    See More
  • BOSE

    Bose victim of ransomware attack

    See More

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
  • September 3, 2024

    From DDoS Protection to WAAP: How Layered Protection Enhances Your Cybersecurity Strategy

    ON DEMAND: By participating in the webinar, attendees will gain enhanced knowledge of cyber threats and understand the current spectrum of cyber threats facing businesses.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing