AMD hack due to some of its passwords being just 'password'

Shot of Password on a screen with hex codes.
(Image credit: Getty Images)
Audio player loading…

An extortion group known as RansomHouse claims to have more than 450Gb of hacked data from AMD. What's surprising about this latest hack is that the group appears to have acquired this data thanks to AMD using rediculously simple passwords to protect its network from intrusion. 

Apparently, at least some of the passwords used were no more complex than 'password.' Yeah, your read that right. It's 2022 and major corporations are still using 'password' for sensitive information. I'm guessing '123456' was one of them, considering some of the startlingly dumb passwords (opens in new tab) corpos have been caught using recently.

RansomHouse claims that the data was taken back in January 2022 and has provided a data sample as evidence of the hack, which you can view over on Restore Privacy (opens in new tab), which originally ran the news. That site has reviewed some of the data, but it isn't clear if the data is genuine or not, so this attack is still officially unverified.

RansomHouse states that it has nothing to do with the breach itself and doesn't produce ransomware or encrypt data, and instead acts as a "professional mediator." It's a fairly new outfit, that appears to have started in December 2021 and lists six companies that it has hacked data from, with AMD being the latest.

It's worth noting that small 'b' after the amount of data stolen as well, as that means gigabits and not gigabytes. 450Gb is just over 56GB of data, assuming that it isn't just a typo in the first place. That isn't a lot, especially for a company as big as AMD, but it obviously depends on what that data pertains to as to how valuable it is.

Your next machine

(Image credit: Future)

Best gaming PC (opens in new tab): The top pre-built machines from the pros
Best gaming laptop (opens in new tab): Perfect notebooks for mobile gaming

AMD reached out to our sister site, Tom's Hardware (opens in new tab), to confirm the following, "AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway."

It'll be interesting to see how AMD responds going forward, and ultimately whether it's willing to pay up to protect the data. The company should probably change a few of its passwords either way. Something we should all do, to be honest. Here's a password guide (opens in new tab) in case you're now sweating in your seat.

Alan has been writing about PC tech since before 3D graphics cards existed, and still vividly recalls having to fight with MS-DOS just to get games to load. He fondly remembers the killer combo of a Matrox Millenium and 3dfx Voodoo, and seeing Lara Croft in 3D for the first time. He's very glad hardware has advanced as much as it has though, and is particularly happy when putting the latest M.2 NVMe SSDs, AMD processors, and laptops through their paces. He has a long-lasting Magic: The Gathering obsession but limits this to MTG Arena these days.