Hit by data breach, chipmaker NXP Semiconductors alerts impacted customers

LONDON: Chipmaker NXP Semiconductors has admitted a data breach, alerting customers about a recent incident involving their personal data.

The data breach was first reported by Troy Hunt, the owner of Have I Been Pwned, who posted a copy of the email NXP had sent to customers affected by the data breach.

“According to our records, you have a registered user profile on the NXP.com website that has been inactive for at least the last 18 months. What happened and what information was involved: Your inactive account with us has been identified as part of an incident that occurred on July 11, 2023 that potentially involves your e-mail address,” the company told affected customers in the email.

“This was the only personal data of yours potentially impacted; no other personal data was impacted by this incident,” NXP said.

Upon discovering the incident, the chip-maker immediately launched an internal investigation, activated its incident response procedures, and the incident response team took immediate action to contain the incident.

“We also promptly notified the authorities. We have completed our internal investigation, and though we have found no evidence to suggest your data has been fraudulently used, we are now contacting all affected NXP.com users out of an abundance of caution,” the company added.

NXP said it encourages people to Be cautious of unsolicited communications requesting personal information or containing specific links.

“NXP will not proactively contact you to request your personal or confidential information. If you ever receive an e-mail or call claiming to be from us requesting this information, please flag it as phishing and report it to the relevant authorities in your country if necessary,” said the company.

In a statement to TechCrunch, a company spokesperson was quoted as saying that an “unauthorised party” had acquired “basic personal information” from a system connected to NXP’s online portal.