More than 20GB of sensitive Intel data has been breached through the backdoor and the proprietary content published online. The chipmaker denies that it has been breached or hacked in any way and insists that an individual who was granted access to its Intel Resource and Design Center probably leaked the information.
According to Till Kottmann, a Swiss software engineer who released the documents online, they were passed to him by an anonymous source who hacked the chipmaker in May. The IT consultant is known to release sensitive information hacked from tech companies and claims the data he has shared is genuine and rated confidential by Intel. He even insists that more releases are on the way and that subsequent releases will be very damaging to Intel.
“Intel exconfidential Lake Platform Release,” Kottmann wrote on Twitter. “This is the first 20GB release in a series of large Intel leaks. Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA, or Intel Restricted Secret.”
Tech analysts confirmed that the data breach contained source codes as well as the internal design files for various chipsets the company manufactures. It also contains BIOS reference codes as well as schematics and firmware for Kaby Lake and the upcoming Tiger Lake processors. External analysts also said the data leak does not seem to contain the private information of Intel customers and staff.
Kottmann said his anonymous source hacked the files from an Intel server that was hosted by Akami CDN with very little protection. When he mentioned that downloaders could obtain backdoors in some of the chipset source codes, he revealed the password for accessing some protected zips in the data dump.
“If you find password-protected zips in the release the password is probably either ‘Intel123’ or ‘intel123’” Kottmann said. “This was not set by me or my source; this is how it was acquired from Intel.”
Intel said it is investigating the purported hack and claimed that the company had not been breached in any way. They said an individual with legitimate access to the web portal used by its customers, partners, and other parties may have intentionally leaked the data.
“We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”