A hacker group with connections to China maintained unnoticed access to the computer network of the Eindhoven-based chip manufacturer NXP for over two years.
The perpetrators infiltrated email accounts and targeted chip designs, as revealed by an investigation conducted by NRC.
The Chinese hacking group known as 'Chimera' gained unauthorized access to employee accounts, subsequently navigating through the company network to reach secure servers in search of chip designs and other proprietary information.
Although NXP disclosed the breach in its 2019 annual report, stating compliance as a listed company obligation, the report did not detail the extent of the intrusion.
The Eindhoven chip manufacturer asserted in its communication at the time, "We do not believe that this hack has a material effect on our business operations. The investigation continues, and we are evaluating how much data was compromised."
The intrusion, however, lasted for an undisclosed duration, allowing the cyber spies unrestricted access to NXP's systems for nearly 2.5 years, spanning from late 2017 to spring 2020.
The breach came to light only after a tip from Transavia, another entity that had fallen victim to hacking in January 2020. Subsequently, NXP enlisted the expertise of security firm Fox-IT to address the breach.
During the investigation, specialists discovered that the hackers had also engaged with IP addresses located in Eindhoven, where NXP's headquarters are situated.
Following the incident, NXP transitioned its security operations to Fox-IT. A year later, the security firm, in a blog post, disclosed that a 'European company in the semiconductor sector' had been subject to a cyber attack, with subsequent investigation revealing NXP as the affected entity.
As the second most valuable European company in the chip industry after ASML, NXP primarily generates revenue from supplying chips to the automotive sector.
The company also provides chips for secure mobile payments and public transport chip cards. In response to inquiries, NXP asserted that the hack had not caused material damage to its business operations.