[German]There has been a data leak at NXP Semiconductors, a manufacturer of electronic semiconductor components. The Dutch company is the 2006 spin-off of the semiconductor division of Royal Philips. Following the acquisition of Freescale, NXP is Europe's largest semiconductor manufacturer with sales of almost 9 billion euros.
NXP provides semiconductors and system solutions for the automotive market, televisions, set-top boxes, cell phones, and security solutions for bank cards, electronic IDs, passports and health cards. Chips with MIFARE technology are used in numerous traffic systems and event centers worldwide. F
Now there has been a security incident or data leak at NPX, and affected parties are being notified. On July 14, 2023, it was noticed an unauthorized party viewed and possibly copied certain personal data from a system connected to the NXP.com online portal. The investigation revealed that this incident occurred on July 11, 2023. Based on an internal investigation, it was determined that the categories of personal data identified in the statement below may have been pulled by an unauthorized party. Blog reader Michael K. emailed me the following information under the title "Data Leak at NXP Semiconductors" (thanks for that).
Hello Mr. Born,
thank you very much for your regular reporting in the blog!
I just received a notification from NXP Semiconductors about a data leak. One of my customers was also notified by NXP. I had stored my data in the customer portal, through which I have access to the development environment for CAN gateways, among other things. Maybe this is interesting for you and your readers.
„Dear Michael,
We are reaching out to inform you about a recent incident involving your personal data and the actions taken to address the situation.
What happened and what information was involved:
On July 14, 2023, we discovered that an unauthorized party acquired certain personal data from a system connected to our online portal, NXP.com. Our investigation shows that this incident occurred on July 11, 2023. Based on our internal investigation, we have determined that the following categories of personal data may potentially have been acquired by an unauthorized party:
- First and last name
- E-mail address
- Address, postcode, city and country
- Business phone number
- Mobile phone number
- Company name
- Job description and business title
- Communication preferences
Other than the pieces of information identified above, no other personal data of yours was impacted by this incident.
What we are doing:
NXP takes the protection of your personal data seriously. Upon discovering the incident, we immediately launched an internal investigation, activated our incident response procedures, and our incident response team took immediate action to contain the incident. We also promptly notified the authorities. We have completed our internal investigation, and though we have found no evidence to suggest your data has been fraudulently used, we are now contacting all affected NXP.com users out of an abundance of caution.
What you can do:
While we have no evidence that your data has been misused, we encourage you to review the advice below and take the following steps to adequately protect yourself against malicious attempts to misuse your personal information:
- Be cautious of unsolicited communications requesting personal information or containing specific links. NXP will not proactively contact you to request your personal or confidential information. If you ever receive an e-mail or call claiming to be from us requesting this information, please flag it as phishing and report it to the relevant authorities in your country if necessary.
- Do not respond to or follow any weblinks from sources other than from official NXP communication.
How to reach us for questions or more information:
If you have any questions or require further information about this incident, please do not hesitate to contact our dedicated team:
- +1 512 895 6666 in the Americas (1 AM – 3 PM CDT)
- +31 40 2726555 in Europe (8 AM – 10 PM CEST)
- +86 21 22052333 in Asia (2 PM – 4 AM Beijing Time)
At NXP, we take the security of your personal information very seriously and want to provide you with the information required to protect yourself. We apologize for any inconvenience this may cause and we thank you for your understanding.
Sincerely,
NXP Data Privacy Team
High Tech Campus 60
5656 AG EINDHOVEN
The Netherlands"
How many users are affected is unknown to me at this time.
Got this email today august 26,2023