05.01.2026
2 min
730
A dark web forum user has claimed a massive data breach of Dutch chip equipment giant ASML. However, cyberresearchers at determined that the claims are false and mirror the same tactics used in a previously fabricated NordVPNbreach.
The attacker, operating under the alias 1011, alleged that 154 ASML databases had been compromised, supposedly including disk encryption keys, user data, and internal system information. If legitimate, such a breach would have posed severe risks to the global semiconductor supply chain.
Cybernews researchers analyzed the leaked samples and concluded that the data has no verifiable link to ASML. No encryption keys were found, only a single default admin account was present, and the server hosting the data was unrelated to ASML’s infrastructure.
ASML plays a critical role in global chip manufacturing and is the sole producer of EUV lithography machines. The company confirmed that it is aware of the forum post and denied the credibility of the breach claims.
The same user previously claimed to have breached NordVPN, a claim that was also publicly denied by the company. In both cases, the attacker relied on identical tactics: bold announcements unsupported by technical evidence.
The case highlights how dark web forums are increasingly used not only for trading real stolen data but also for simulating breaches. Pseudo-hackers post worthless datasets to earn forum credits, which can later be exchanged for genuine leaks or used in scam operations.
