If true, it would be the second time the companye has been targeted by a ransomware operator in 2021 following an earlier attack in August.
While Gigabyte hasn’t yet commented on the incident, according to dark web criminal intelligence platform DarkTracer, the company’s name has appeared in the list of victims of the relatively new ransomware operative AvosLocker.
As is usually the case, the AvosLocker gang has reportedly published some of the stolen data as proof of their attack on Gigabyte.
Privacy Sharks claims to have seen the data sample, and says that it contains lots of sensitive information including passwords and usernames, employee payroll details, human resources documents, and credit card details.
Furthermore, the shared 14.9 MB sample also contains documents of Gigabytes dealings with other reputable firms such as Barracuda Networks, Blizzard, Black Magic, Intel, Kingston, Amazon, and BestBuy.
If the contents in the sample are indeed authentic it could cause sleepless nights at Gigabyte HQ, especially since a report earlier this month suggested that AvosLocker plans to pioneer a twist to the classic double-extortion methodology to punish non-paying victims by auctioning their data rather than posting it for free.
Industry experts believe that given the nature of the exfiltrated data, Gigabyte would be left with little option but to pony up since it wouldn’t want these sensitive details to end up with one of its competitors.