It is not the first time that the Taiwanese company M: YESwhose responsibility in Spain falls to MSI Iberia (a company whose CEO is curiously impossible to know in Spain), is the victim of cyber attacks and others security issues. On this occasion, history repeats itself, but it has a greater significance due to the simple fact that the user data registered in the company’s systems could have been compromised.
We recently saw that – and in this case it was not MSI’s fault – many users fell victim to malware due to non-legitimate versions of their popular software, MSI Afterburner, to which the company could only reply that it recommended downloading the software only from official sources. Now, however, they have been forced to acknowledge and issue a statement regarding this cyberattack of which they have been victims, and which we show you below.
MSI, victim of a cyber attack
“MSI has recently suffered a cyberattack on part of its information systems. Upon detecting anomalies in the network, the IT department quickly activated the relevant defense mechanisms and carried out recovery measures, reporting the incident to the state security forces and cybersecurity units. Currently, the affected systems have already gradually resumed their normal operation without significant repercussions on financial activity.
MSI urges users to obtain firmware and BIOS updates only from its official website, and not to use files from sources other than the official website.
MSI is committed to protecting the data security and privacy of consumers, employees and partners, and will continue to strengthen its cybersecurity architecture and management to maintain business continuity and network security in the future.”
As you can see by reading their statement, MSI mentions the financial systems and then, since it doesn’t want the thing, it again urges users to download firmware and BIOS only from the official website, but without confirming at any time what the consequences have been. of this attack they have suffered. However, the thing seems to be much more serious than the manufacturer wants to appear…
And what about the data of users registered with MSI?
Of course, the biggest concern that users can have about this cyberattack is that there has been a data leak, and MSI does not say anything about it. However, according to a report by BleepingComputer, the Money Message group claims to have stolen 1.5TB of data from MSI’s systems, including its CTMS and ERP databases, source code of its software programs, private keys and BIOS firmware (that’s why they warned us to only download this on their official website).
Apparently, Money Message has already threatened to publish these stolen documents and is asking the company for a $4 million ransom, but whether they are published or not, whether the ransom is paid or not, nothing will stop the criminal group from selling the database. and others to other third parties, where our user data will surely be included.
Now, is your data at risk? If you have ever bought an MSI computer and registered on the web to obtain the guarantee, most likely yes, your data is now in the hands of third parties who don’t know what they will do with it. In any case, what we would recommend is that if you had a user account on the manufacturer’s official website, change the password as soon as possible and make sure that you did not use the same password in other accounts or services.
