Dive Brief:
- Microchip Technology said an unauthorized party stole data from its IT systems during a previously disclosed cyberattack. The unidentified attacker stole employee contact information and some encrypted and hashed passwords, the company said Wednesday in a regulatory filing.
- Order processing and fulfillment, which were disrupted by the attack last month, resumed more than a week and a half ago, the company said. “Operationally critical IT systems are back online, and we have substantially restored our operations,” Microchip President and CEO Ganesh Moorthy said in the filing with the Securities and Exchange Commission.
- The company said it has not identified evidence of any compromised customer or supplier data. An investigation into the nature and scope of the attack, which Microchip detected August 17, remains underway.
Dive Insight:
Microchip filed an update with the SEC in the wake of alleged data theft and leaks online.
The disruption could have downstream impacts on the supply chain. Microchip said it has about 125,000 customers across the industrial, auto, aerospace and defense, communications and computing markets.
“The company is aware that an unauthorized party claims to have acquired and posted online certain data from the company’s systems,” Moorthy said in the SEC filing. “The company is investigating the validity of this claim with assistance from its outside cybersecurity and forensic experts.”
The Arizona-based chipmaker said some portions of its IT systems are still impacted, but it did not provide further information about the extent or nature of ongoing disruptions.
Employees, law enforcement and regulators were notified of the incident and, as of Wednesday, the company said it does not believe the incident is reasonably likely to materially impact the company’s financial condition or results of operations.
