RansomHouse is an extortion group that hacks corporate networks, steals data and then demands ransom from victims. Otherwise, criminals threaten to sell the information online or publish it publicly. The group was connected to the WhiteRabbit ransomware, but no encryption was used in the attack on AMD.

what is known

• Information about the data theft was published by RansomHouse on their website.
• According to him, everything was stolen 450 gigabytes of data, including so-called research and financial information.
• The hackers told Bleeping Computer journalists that the AMD network was hacked by its “partners”, which happened about a year ago.
• Although the group’s website says the data was stolen on January 5, 2022, they say it’s actually the date they lost access to AMD’s network.
• RansomHouse confirmed this did not return to AMD to request redemptionIt turns out that selling stolen data to other organizations and attackers is a more interesting possibility.
• According to a spokesperson for the group, they are still analyzing the stolen items to determine their value.

Reporters state that the group did not provide any evidence for its claims, other than, for example, a CSV file listing more than 70,000 devices on AMD’s internal network, as well as a few files containing an institutional list. Credentials with weak passwords such as “password”, “P@ssw0rd”, “amd!23”, “Welcome1”.

AMD representatives told Bleeping Computer that they were aware of the hackers’ allegations and that the company was already investigating the incident.