Intel Probes Data Leak That Exposed 20GB of Sensitive Company Data


The internal data breach, dubbed as one of the biggest IP leaks cost Intel 20 GB of corporate data and originated from Intel Resource and Design Center, a repository for partners and customers. Intel has denied hack claims and has launched an investigation into the matter. 

U.S. tech giant Intel became a victim of a hack that resulted in a leak of approximately 20 GB of data. The leak, which is suspected to have originated from the company’s partner and resource center, came to light after software engineer and Android developer Till KottmannOpens a new window uploaded the data to file sharing site MEGA. 

Kottmann’s Twitter account has now been suspended, who tweetedOpens a new window the following:

The developer said he received the data from an anonymous third party hacker, who claims they hacked into Intel’s network earlier in 2020. ‘Hacking’ can be construed as a loose term here as the hacker said he obtained data from an Akamai CDN server which was left unsecured. ZDNet obtainedOpens a new window a screenshot of the conversation between Kottmann and the hacker.

Source: ZDNet

Intel denies this claim, and has launched an investigation into the matter. An Intel spokesperson told CRNOpens a new window , “We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

See Also: Twitter Patches Android Vulnerability That Could Allow Hackers to Access DMs

Kottmann said more leaks can be expected to surface in coming months and that this is the first of many. The leak exposed sensitive data like chip roadmaps details, dev tools, training videos, guides, debugging tools, code samples, etc., regarding Intel’s Tiger Lake architecture, as well as Kaby Lake, Snow Ridge, and Elkhart Lake.

Leaked data did not contain employee or customer records like personally identifiable information (PII) that can spark identity fears.  

Leaked data summarized by Kottmann:

  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Kaby Lake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Bootguard SDK (encrypted zip
  • Silicon / FSP source code packages for various platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Various Intel Development and Debugging Tools
  • Debug BIOS/TXE builds for various Platforms)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)

Most of this data was marked confidential, bound under non-disclosure agreements, or as restricted secret.

Let us know if you liked this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!