Microchip Technology Incorporated, an American semiconductor supplier, has confirmed that employee information was stolen during a cyberattack in August, which was later claimed by the Play ransomware gang. The company, based in Chandler, Arizona, serves around 123,000 customers across industries including automotive, aerospace, defence, and computing.
The breach, discovered on August 17, impacted multiple manufacturing facilities and disrupted operations. In response, the company shut down affected systems to contain the incident. On August 20, Microchip disclosed that the attack hindered its ability to fulfil orders.
In a recent filing with the U.S. Securities and Exchange Commission, Microchip revealed that its critical IT systems are now back online, with operations "substantially restored." The company has resumed processing customer orders and shipping products.
While investigating the breach, Microchip confirmed that some employee contact information and encrypted passwords were stolen. However, there is no evidence that customer or supplier data was exfiltrated.
The Play ransomware group claimed responsibility for the attack on August 29, listing Microchip on its data leak site. They allege to have stolen a range of sensitive data, including employee information, financial records, and contracts. The group has partially leaked some of the data and threatened to release the rest unless the company responds.
Play ransomware, which emerged in June 2022, is known for using double-extortion tactics, where stolen data is used to pressure victims into paying for ransomware. The gang has targeted several high-profile organizations, including Rackspace, the City of Oakland, and Dallas County.
Microchip continues to investigate the breach with assistance from cybersecurity experts. Despite the ongoing investigation, the company has been able to resume most operations.
