Another day, another security breach. They can affect almost everyone. Now one has reached the popular gaming PC hardware manufacturer MSI.
MSI has issued a statement confirming that it was the victim of a security breach resulting from a ransomware attack. In a press release, MSI said that “the affected systems have gradually resumed normal operations, without significant impact on the financial business.”
MSI did not directly confirm what data was stolen, and there are no suggestions of actions anyone should take. Of course, MSI’s internal systems are not user-facing in the way that a password manager or network provider is, so your personal information is not at risk unlike other breaches. However, malicious actors have said that they have stolen things like BIOS source code, private keys and other essential internal data from MSI. Similarly, MSI advises users not to download BIOS or firmware updates from unofficial sources, which apparently confirms this.
It’s always a good idea to avoid downloading low-level confidential software from suspicious sources, but since hackers get their hands on the actual stolen source code, you should be careful if you own any MSI hardware.
Source: MSI, Bleeping Computer (1, 2)