A security breach has resulted in 20GB of internal Intel documents, some of which are marked ‘confidential’ or ‘restricted secret’ being leaked to Mega, a file-sharing website. The leak was made public by Tim Kottmann, a Swiss software engineer who released the documents under the title ‘Intel exconfidential Lake Platform Release’. Worryingly for Intel, Kottmann
A security breach has resulted in 20GB of internal Intel documents, some of which are marked ‘confidential’ or ‘restricted secret’ being leaked to Mega, a file-sharing website.
The leak was made public by Tim Kottmann, a Swiss software engineer who released the documents under the title ‘Intel exconfidential Lake Platform Release’. Worryingly for Intel, Kottmann claims it is only the first in a series, and says ‘most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret.’ He also provided this screenshot as an example of what the leak contains, and as you an see it’s pretty extensive.
ZDNet has downloaded and analysed the documents, claiming that security researchers (who wish to remain anonymous) have verified their authenticity. Thankfully, there is said to be no confidential personal data relating to Intel customers or employees.
‘Per our analysis, the leaked files contained Intel intellectual property respective to the internal design of various chipsets. The files contained technical specs, product guides, and manuals for CPUs dating back to 2016,’ writes ZDNet.
As for the source of the leak, Kottmann says it is an anonymous source who breached Intel earlier in the year by hacking into an unsecured server hosted on the Akamai CDN – at least according to the conversation seen by ZDNet.
The same source appears to be responsible for the data set to be released further down the line: ‘unless I am misunderstanding my source, I can already tell you that the future parts of this leak will have even jucier [sic] and more classfied [sic] stuff’. Kottmann hasn’t given an estimate of when the future leak(s) will occur, however, only saying that ‘it might take a while until further things will be released, while my source makes sure they’re safe.’
Intel has responded with a brief statement that casts some doubt on the source being an unsecured server. The full statement reads:
‘We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.‘
The precise outcome of the leak remains to be seen, and similarly we’ll have to wait and see if Kottmann will release the promised future leaks or whether Intel will find a legal means by which to shut him down. Either way, it’s very unwelcome news for Intel, especially in the wake of the recently announced delays to its 7nm process.