Categories
Anicyber News

Intel Suffers IP Data Breach – Here it is.

Today, data was leaked online by a Swiss security researcher after receiving it from an anonymous hacker. US chipmaker Intel is investigating a security breach after earlier today 20 GB of internal documents, with some marked “confidential” or “restricted secret,” were uploaded online on file-sharing site MEGA.

The purported hacker had this to say:

the alleged hacker claimed to have obtained the data via an unsecured server hosted on the Akamai CDN

The Data

For those of you “in the know”, here’s a magnet link:

magnet:?xt=urn:btih:38f947ceadf06e6d3ffc2b37b807d7ef80b57f21

The breached data from Intel includes:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (poorly made) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)

Worth noting: The title of the torrent says Drop 1. That implies that there’s more to come.

The Official Response

Intel was quick to reply when reached for a response.

The company’s full statement reads:

We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

What does this mean for Intel’s future? Well in the bizarro market world where a Twitter hack is followed by a share price increase, probably nothing; But when silicon fabrication is reduced to an arms race, this little leak of intellectual property is sure to help their competitors.

For more reading, see:

https://www.govtech.com/security/Intel-Responds-to-Attempted-Theft-of-1B-Project-by-Employee.html