
Data leak from st.com ?

FerrumMaster
Associate II

Split from Valid login details ignored as this is unrelated.


Great thanks ST.
FerrumMaster
Associate II

I use NordVPN monitor service and it monitors for data leaks. Yesterday st.com was shown having a leak at the said dates.

The post previously could explain some narrative what's going on really. It is beyond sad, I already have enough questionable ads in my mail.

rwx
Associate III

I've just been notified that my ST accounts were leaked onto the dark web. This notification came from a trusted source and not ST themselves.

Sensitive information which was leaked was shown to be my account details (address, phone number, etc.) held on the ST profile.

Looking into reports on the internet, it appears the breach happened in mid-September 2025.

Why didn't ST take corrective action (marking all accounts for mandatory password reset)?

Why didn't ST release a statement to all customers about the breach?

 

https://darknetsearch.com/knowledge/news/en/stmicroelectronics-data-breach-revealed-2025-darknet-leak-exposes-corporate-files-and-customer-data/

https://botcrawl.com/stmicroelectronics-data-breach-exposes-developer-and-partner-portal-user-information/

https://www.reddit.com/r/embedded/comments/1oycaln/stmicroelectronics_data_breach/

Ozone
Principal II

Which is why I reveal as little private information about myself as possible for such fora accounts.
Especially when the account is not related to my day job, as is the case with ST.

I had to abandon an e-mail account a few years ago for the very same purpose.

Are IP-addresses leaked too? Because I noticed in profile settings there is a list of IP-addresses. I just deleted the list, but it's probably too late...

Kudo posts if you have the same problem and kudo replies if the solution works.
Click "Accept as Solution" if a reply solved your problem. If no solution was posted please answer with your own.
Lina_DABASINSKAITE
Community manager

Hello @FerrumMaster @rwx @Ozone,

Thank you very much for letting us know about this issue. I've shared it with our cybersecurity team for review and will keep you updated as soon as possible.

If anyone else in the community has experienced something similar in their web reports, please feel free to share your comments here.

I’m sorry for the inconvenience and appreciate your patience while we work on this.

Sincerely,
Lina


In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
rwx
Associate III

Thanks Lina.

I've just received an email from ST about the incident.

Your Data Incident Report

privacy@st.com

17/11/2025 16:37

Good evening,

We are contacting you to describe the circumstances of the incident, including the types of information involved and steps we have taken and further actions you can take.

What happened? On September 18, 2025, we detected a cybersecurity incident. We promptly engaged leading third-party cybersecurity experts and took steps to investigate the incident. The investigation determined that on September 16, 2025, an unauthorized party gained access to an external platform used for non-critical IT support operations related to www.st.com. The incident has been contained.

What information was involved? The data impacted presents low severity risk, varied by individual, but may have included: professional or personal email address, postal address, phone number.

What are we doing? We have conducted an investigation with the support of leading cybersecurity experts. We have taken steps designed to enhance the security of the external platform to prevent similar incidents in the future.

What can you do? We encourage you to remain alert to any suspicious or unsolicited communications, including emails, phone calls or text messages, and avoid clicking on suspicious links.

Best regards,

Your ST Privacy Team

Tom_pm
Associate III

Yeah, would be great to receive this information via an official announcement, not via a third party report on the community forum.

Is it in the meantime possible to change the ST account mail address? I tried that once but the request was denied.

So the mail address is expected to get lots of spam and I still have to keep it around, as it is impossible to change it here on ST, nor can I change it to one I can throw away after this potentially happens again in the future.

Lina_DABASINSKAITE
Community manager

Dear community members,

We’re sorry for this incident and truly appreciate your understanding and vigilance. Your trust means everything to us, and we’re dedicated to being transparent.

As it was shared by @rwx, ST has sent a communication to the affected accounts with the following details:

What happened? On September 18, 2025, we detected a cybersecurity incident. We promptly engaged leading third-party cybersecurity experts and took steps to investigate the incident. The investigation determined that on September 16, 2025, an unauthorized party gained access to an external platform used for non-critical IT support operations related to www.st.com. The incident has been contained. 

What information was involved? The data impacted presents low severity risk, varied by individual, but may have included: professional or personal email address, postal address, phone number. 

What are we doing? We have conducted an investigation with the support of leading cybersecurity experts. We have taken steps designed to enhance the security of the external platform to prevent similar incidents in the future.

What can you do? We encourage you to remain alert to any suspicious or unsolicited communications, including emails, phone calls or text messages, and avoid clicking on suspicious links.

Best regards,
Lina


In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.

Thank you, Lina,

I got the email. But this is not how it should be solved. It is a very serious matter if we look at GDPR consequences actually.

This case at least deserves an email not written by AI, as checkers flag this email as AI-generated slop and thus mark it as spam; please consider that, and don't do it.

What amuses me most is how any kind of credential information can be held unsalted these days. There must be some real feedback from the cybersecurity team, with a real security improvement plan and an explanation of why we failed, so that we can understand how professional ST actually is when handling a security-related crisis.