Microchip Technology, a prominent American semiconductor manufacturer, has disclosed a cyberattack in August 2024 that compromised sensitive employee information. The company’s recent filing with the U.S. Securities and Exchange Commission (SEC) revealed the breach, confirming that the attack targeted employee details, including contact data and encrypted passwords.
The attack, detected on August 17, 2024, forced Microchip to temporarily shut down certain systems and isolate affected servers to prevent further compromise. Despite the disruption, the company successfully restored critical IT systems within a week and resumed customer order processing and product shipments. The Play ransomware gang, known for double-extortion tactics, has claimed responsibility for the attack. The group encrypts victims’ files and threatens to leak stolen data unless a ransom is paid. Microchip’s investigation revealed that Play had accessed and stolen confidential employee information, client documents, and financial records. Some of the stolen data has been released online by the gang as a pressure tactic.
Microchip is actively working with cybersecurity experts and forensic investigators to investigate the data theft claims and restore affected systems while implementing enhanced security measures. The incident highlights the growing threat of cyberattacks against semiconductor companies, vital to industries such as automotive, aerospace, and consumer electronics. Microchip Technology, with its extensive customer base and role in the global supply chain, is among several tech firms targeted by cybercriminals in recent years.
Microchip is committed to protecting its systems and preventing future breaches. The company has notified employees, authorities, and regulators about the incident and is working to mitigate any potential risks. While the investigation is ongoing, Microchip does not anticipate a material impact on its financial or operational performance.
