SecurityWeek

Synopsys Finds No Evidence of Data Breach Amid Bosch Hack Claims


Silicon-to-systems design firm Synopsys says it has found no evidence of a data breach after a cybercrime group claimed to have hacked its systems and gained access to valuable data belonging to one of its major customers, Bosch.

A new ransomware group named D1R in recent days listed Synopsys and Bosch on its Tor-based leak website. The cybercriminals claimed to have exploited a vulnerability in Synopsys’ website to access a corporate client database containing 40,000 entries, and they are threatening to leak the stolen data unless a ransom is paid.

Separately, D1R claimed to have hacked German engineering and technology giant Bosch using data obtained from Synopsys. The cybercriminals allegedly obtained valuable intellectual property belonging to Bosch.

Synopsys specializes in electronic design automation software and pre-designed semiconductor blueprints used to build and test microchips. The company supplies the software tools and digital chip blueprints that Bosch’s engineering teams rely on to design electronic components for modern vehicles and industrial systems.

However, Synopsys told SecurityWeek that it has found no evidence to support the hackers’ claims.

“The security of data and systems is a priority for Synopsys,” the company said. “We are continuously monitoring our network and have found no evidence of Synopsys or customer technical data being subject to unauthorized access. We have not been contacted by this threat actor and, based on our investigation, claims of unauthorized access to customer confidential data are unfounded.”

Advertisement. Scroll to continue reading.

Indeed, a screenshot of a document the hackers posted to prove access to Bosch data appears to be from a user manual that is already in the public domain.

It’s not uncommon for cybercriminals to leak fake data or exaggerate the scope of their hacks.

When contacted by SecurityWeek, Bosch declined to answer specific questions about the incident, offering a standard boilerplate statement instead:

Bosch places great importance on cybersecurity. As a globally networked industrial company, Bosch continuously strengthens the protection of its digital systems and expands its capabilities to respond quickly and in a coordinated manner to potential cyber incidents. The goal is to protect critical systems based on risk and limit the impact of potential attacks. In this way, cybersecurity makes a significant contribution to Bosch’s reliability, operational capability, and resilience.

Related: Accenture Confirms Data Breach After Hacker Claims Source Code Theft

Related: Centers Laboratory Data Breach Affects 540,000 Individuals

Related: 12 Million Impacted by Data Breach at Japanese Telco KDDI



Source link