In what was another blow to the former most valuable chip making company in the world, 20 GB of Intel’s internal company documents got leaked/posted on the file sharing platform MEGA.
We say posted, because the publisher Till Kottmann, a Swiss software engineer is not some anonymous hacker, but actually operates a very popular Telegram channel where he regularly publishes leaks from various ‘big tech’ companies. However, he claims that he got the data from an anonymous hacker who seems to have bypassed through Intel’s defences earlier this year.
Moreover, Kottmann says that this leak was just the first part of a big series of Intel related, multipart leaks that will drop in the coming days.
Now, Intel claims that there was no actual ‘hack’ per say, and said in a statement that “the information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”
However, ZDNet, found a copy of the conversation between Kottmann and the alleged ‘hacker’ who says that he downloaded said information through an unsecured server hosted on the Akamai CDN. This contradicts with Intel’s statement, and begs the question if the company is lying to save face.
Nonetheless, it looks like no personal information was leaked, either about Intel’s employees or customers. However, the company got a lot of its proprietary information leaked, including technical specs, product guides, and manuals for CPUs dating back to 2016. Moreover, it looks like the company’s latest line of processors- the 11th Gen Tiger Lake CPUs might also have got caught in the attack as the hack includes Schematics, Docs, Tools + Firmware for the unreleased platform.
ZDNet posted a summary of the entire leak ‘sheet’ which goes as follows:
“- Intel ME Bringup guides + (flash) tooling + samples for various platforms
– Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
– Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
– Silicon / FSP source code packages for various platforms
– Various Intel Development and Debugging Tools
– Simics Simulation for Rocket Lake S and potentially other platforms
– Various roadmaps and other documents
– Binaries for Camera drivers Intel made for SpaceX
– Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
– (very horrible) Kabylake FDK training videos
– Intel Trace Hub + decoder files for various Intel ME versions
– Elkhart Lake Silicon Reference and Platform Sample Code
– Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
– Debug BIOS/TXE builds for various Platforms
– Bootguard SDK (encrypted zip)
– Intel Snowridge / Snowfish Process Simulator ADK
– Various schematics
– Intel Marketing Material Templates (InDesign)”
Intel says that it is investigating the attack. However, the question is that for a company that has already had its fair share of setbacks this year, will Intel be able to sustain business through the promised ‘multipart series of leaks’?