Microchip Technology discloses cyberattack, business delays

Microchip Technology Inc. disclosed that it suffered a cyberattack last week that disrupted its ability to fulfill customer orders.

In an 8-K filing Tuesday, Microchip President Ganesh Moorthy revealed that the manufacturer detected suspicious activity in its IT systems beginning on Aug. 17. Two days later, Microchip confirmed that an unnamed threat actor had gained unauthorized access to the company's network and disrupted servers.

Microchip also confirmed that the attack caused delays to business operations. The company manufactures microchips and microcontrollers, as well as memory, storage and embedded security products.

"As a result of the incident, certain of the Company's manufacturing facilities are operating at less than normal levels, and the Company's ability to fulfill orders is currently impacted," Microchip wrote in the 8-K filing. "The Company is working diligently to bring the affected portions of its IT systems back online, restore normal business operations and mitigate the impact of the incident."

In response to the attack, Microchip isolated the affected systems and forced some systems offline. It's unclear if the disrupted servers were taken offline voluntarily or if the cyberattack involved ransomware.

"As the Company's investigation is ongoing, the full scope, nature and impact of the incident are not yet known. As of the date of this filing, the Company has not yet determined whether the incident is reasonably likely to materially impact the Company's financial condition or results of operation," the 8-K filing said.

It's also unclear when manufacturing facilities will resume normal operations. The effects could be substantial, as Microchip Technology is a large manufacturer with customers in critical infrastructure sectors. It serves 125,000 customers, including organizations in the industrial, automotive, aerospace and defense, and computing verticals, according to its website.

Grayson North, principal security consultant at GuidePoint Security, told TechTarget Editorial the attack exhibits telltale signs of ransomware because it caused server and business operation disruptions. North added that according to GuidePoint data, the technology industry was the second-most affected by ransomware groups in 2023.

"So far, no ransomware groups have claimed responsibility for the attack, which means any data stolen as part of this incident is not yet available on the dark web. This suggests that Microchip is still in talks with the responsible threat actor. Depending on negotiations, this process can take weeks or even months to resolve," North said.

While the nature of the attack is unknown, ransomware groups are increasingly targeting the manufacturing sector. For example, Cisco Talos published new research last month that showed ransomware attacks have heavily targeted organizations in the manufacturing sector.

In addition, Peter Hedberg, vice president of cyber underwriting at Corvus Insurance, told TechTarget Editorial that ransomware gangs increasingly target manufacturing organizations because they believe those companies can't afford the downtime caused by an attack.

Microchip Technology did not respond to requests for comment at press time.

Arielle Waldman is a news writer for TechTarget Editorial covering enterprise security.