![[The AI Show Episode 146]: Rise of “AI-First” Companies, AI Job Disruption, GPT-4o Update Gets Rolled Back, How Big Consulting Firms Use AI, and Meta AI App](https://www.marketingaiinstitute.com/hubfs/ep%20146%20cover.png)
![How to make Developer Friends When You Don't Live in Silicon Valley, with Iraqi Engineer Code;Life [Podcast #172]](https://cdn.hashnode.com/res/hashnode/image/upload/v1747360508340/f07040cd-3eeb-443c-b4fb-370f6a4a14da.png?#)
-(1).jpg?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
.jpg?#)
![Apple's iPhone Shift to India Accelerates With $1.5 Billion Foxconn Investment [Report]](https://www.iclarified.com/images/news/97357/97357/97357-640.jpg)
![Apple Releases iPadOS 17.7.8 for Older Devices [Download]](https://www.iclarified.com/images/news/97358/97358/97358-640.jpg)
![[Updated With Statement] Verizon’s Motorola Razr 2025 Rollout Is on Hold](https://www.talkandroid.com/wp-content/uploads/2025/04/razr-colorways-2000x1331-1.png)
Broadcom hit by employee data theft after breach in supply chain
ADP's business partner got served ransomware last September, an incident that cascaded all the way to Broadcom.
- Business Systems House was breached in September
- It is a business partner of ADP, which serviced Broadcom at one point
- Now, sensitive Broadcom files seem to have emerged on the dark web
Customers of the global semiconductor giant Broadcom have had their sensitive data leaked on the dark web after a two-step supply chain attack. Apparently, a company called Business Systems House (BSH), a human capital management (HCM) services provider from the Middle East, suffered a ransomware attack in September 2024, in which a group known as El Dorado (later rebranded as BlackLock), stole its files.
This firm is a business partner of payroll company ADP which, in turn, worked with Broadcom. In fact, the chip giant was in the process of switching payroll providers when the incident happened, meaning it almost dodged that bullet.
However, in December 2024, the two firms discovered the stolen data on the internet. “Because the data taken by the criminal actor was in an unstructured format, definitively determining which employees were impacted and, for each employee, which data fields were disclosed, was a lengthy process for BSH/ADP, and this information was not made available to Broadcom until May 12, 2025,” it was explained.
With Aura's parental control software, you can filter, block, and monitor websites and apps, set screen time limits. Parents will also receive breach alerts, Dark Web monitoring, VPN protection, and antivirus.
Preferred partner (What does this mean?)View Deal
El Dorado or BlackLock
According to The Register, who first broke the story, the attackers made away with the following data:
- National ID numbers
- National health insurance ID numbers
- Health insurance policy/ID numbers
- Financial account numbers
- Dates of birth
- Salary details
- Employment termination date
- Personal email addresses
- Personal phone numbers
- Home addresses
Broadcom urged everyone to turn on MFA and any other security settings that their financial institutions provide. Furthermore, it warned users to monitor their financial records.
You’ll be forgiven for not knowing who El Dorado is. It is a relatively new ransomware operation, emerging in March 2024, and already rebranded to BlackLock. The files stolen from Broadcom were posted on the BlackLock leak site, as well. Allegedly, the group consists of Russian-speaking individuals.
Broadcom serves a diverse range of customers across various industries, including technology, finance, healthcare, and telecommunications. Some of the biggest names include Apple, Samsung, Cisco, British Airways, and many others. ADP, The Register claims, is no worse, but so far, no one reported losing data.
Via The Register
You might also like
- Broadcom releases fixes for multiple VMware security flaws
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
