Nvidia Hack ‘Completely Compromised’ Internal Systems: Report

‘We are investigating an incident. Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event,’ an Nvidia spokesperson tells CRN.

Nvidia had its internal systems “completely compromised” by a potential cyberattack that has taken parts of its business offline for two days, The Telegraph reported.

The Santa Clara, Calif.-based chipmaking giant’s email systems and developer tools have been suffering from outages over the past two days after what is believed to have been a malicious network intrusion, according to The Telegraph. It is unclear if any data has been stolen or deleted from Nvidia or its clients, or if the attack merely disrupted the semiconductor manufacturer’s systems, The Telegraph reported.

“We are investigating an incident,” Nvidia told CRN in an emailed statement. “Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don‘t have any additional information to share at this time.“

[Related: Nvidia Confirms $40B Arm Deal Is Dead Due To ‘Regulatory Challenges’]

The company is not yet believed to have identified a culprit, and Nvidia customers said they had not been informed of any incident, according to The Telegraph. There is no evidence linking the attack on Nvidia to retaliation by the Russians following the United States and other Western nations slapping the Kremlin with sanctions in the wake of Russia’s invasion of Ukraine.

“Security breaches, computer malware, phishing, and cyber-attacks continue to become more prevalent and sophisticated,” Nvidia wrote in a regulatory filing. “These threats are constantly evolving, making it increasingly difficult to successfully defend against them or implement adequate prevention measures. These attacks have occurred on our systems in the past and are expected to occur in the future.”

Nvidia said SolarWinds was a third-party software provider at the time the Russian foreign intelligence service (SVR) compromised nine federal agencies and more than 100 private sector companies through a flaw in SolarWinds’ Orion network monitoring tool. Nvidia brought in a third-party expert to probe the impact of the SolarWinds breach but wasn’t able to identify any adverse impact to Nvidia.

“Reported or perceived vulnerabilities, even if not exploited, can cause us harm,” Nvidia wrote in a filing with the U.S. Securities and Exchange Commission (SEC), describing potential risks faced by the company. “Our efforts to prevent and overcome these and similar challenges could increase our expenses and may not be successful. We may experience interruptions, delays, cessation of service and loss of existing or potential customers.”

Nvidia earlier this month terminated its $40 billion bid to acquire British chip designer Arm in the face of opposition from regulators. The company said the decision was mutual, resulting from “significant regulatory challenges preventing the consummation of the transaction, despite good faith efforts by the parties.”

A week later, the company reported record revenue for gaming, data center and professional visualization in the fiscal year ended Jan. 30, 2022. Nvidia’s professional visualization business grew faster than the rest of the company’s operations, doubling sales of its GPU processors for workstations.

Nvidia’s fourth-quarter revenue was $7.6 billion, up 53 percent year-over-year, beating Wall Street’s expectations by $210 million. That contributed to Nvidia hitting a record $26.9 billion of sales in fiscal 2022, a 61 percent increase from the previous fiscal year.

Nvidia’s stock closed Friday at $241.57, up $4.09 or 1.72 percent for the day.