According to Forbes, the breach occurred during the first week of December. It was reported to staff in an email from Bob Woral, Nvidia senior vice president and Chief Information Officer.

Worall told staff that the IT team has taken “extensive measures” to enhance security since the breach and prevent similar attacks in the future. He warned staff to review their bank statements and credit card statements, inform the police if they suspect they were victims of ID theft and be wary of phishing emails.

He also advised all users to regularly change their passwords and avoid using the same password for more than one account.

Based on Worall’s email, Forbes speculates that the attack was the result of a phishing scheme – i.e. that someone managed to gain access by reusing a password gained through a phishing attack on another service.

Nvidia currently has about 8,800 employees.