MSI confirmed today that it recently became a target of a cyberattack. In a concise statement on its official website, the company revealed that a portion of its information systems was affected, but normal operations have since resumed.
Customers are advised to only download BIOS and firmware updates from MSI's website, avoiding alternative sources. The company has been sparse on details, only stating that they detected network irregularities, activated defense mechanisms, and undertook recovery measures. Subsequently, MSI informed government agencies and law enforcement about the incident.
April 07, 2023
MSI recently suffered a cyberattack on part of its information systems. Upon detecting network anomalies, the information department promptly activated relevant defense mechanisms and carried out recovery measures, and reported the incident to government law enforcement agencies and cybersecurity units. Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business.
MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.
MSI is committed to protecting the data security and privacy of consumers, employees, and partners, and will continue to strengthen its cybersecurity architecture and management to maintain business continuity and network security in the future.
In an unsigned blog post, MSI expressed its commitment to the data security and privacy of its consumers, employees, and partners. The company intends to enhance its cybersecurity infrastructure and management in order to maintain business continuity and network security. The statement does not indicate whether customer data was compromised or affected. The cyberattack first came to light in a BleepingComputer report yesterday, which revealed that a ransomware group called Money Message claimed to have stolen source code, a framework for BIOS development, and private keys. The group also reportedly claimed to have acquired 1.5TB of data and demanded a ransom exceeding four million dollars. The relationship between these claims and the MSI incident remains uncertain, as does whether a ransom was paid.