Apple supplier Taiwan Semiconductor Manufacturing Company today confirmed to TechCrunch that it recently suffered a data breach. TSMC is responsible for creating all of the A-series and M-series chips used in Apple devices.


A TSMC spokesperson said that a “cybersecurity incident” caused data “pertinent to server initial setup and configuration” to leak, but TSMC customer information was not impacted.

“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information. After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures.”

Data from TSMC was listed on the LockBit ransomware gang’s website on Thursday, with LockBit demanding $70 million to prevent it from publishing the stolen data. LockBit has attacked pharmaceutical companies, the UK’s Royal Mail, U.S. government websites, and more.

LockBit says that if TSMC does not pay up, it will also publish passwords and logins. The data was stolen from Kinmax Technology, a company that provides IT services like networking, cloud computing, storage, and database management. Kinmax was working with TSMC, and on Thursday, told TSMC that its “internal specific testing environment was attacked,” leading to the leak of “system installation preparation.”

Other Kinmax partners include Microsoft, Cisco, and VMware, and it is not known if those companies were also impacted.