Intel investigating a leak that exposed 20GB of internal documents

7 Aug 2020

Image: © Sundry Photography/Stock.adobe.com

Intel has denied claims that it was hacked and suggested that leaked data may have been downloaded and shared by someone with access to it.

Intel has confirmed that it is currently investigating a breach that resulted in 20GB of internal documents being published online.

According to ZDNet, many of the files, which were uploaded to cloud storage and file-sharing platform Mega, were labelled as ‘confidential’ or ‘restricted secret’.

The data was published by Swiss software engineer Till Kottmann, who claims to have received the documents from an anonymous hacker who allegedly breached Intel earlier this year.

Kottmann runs a popular Telegram channel where he regularly publishes data that has accidentally leaked online from major tech companies through misconfigured Git repositories, cloud servers and online web portals.

The breached data

Kottmann announced the release of the documents on Twitter yesterday (6 August), writing: “Most of the things here have not been published anywhere before and are classified as confidential, under NDA or Intel restricted secret.”

Working with security researchers, ZDNet confirmed that the leaked data is authentic and relates to the company’s intellectual property from the internal design of chipsets, with technical specs, product guides and manuals for CPUs dating back to 2016. The leaked data does not appear to contain any sensitive data about Intel customers or employees, ZDNet added.

Kottman said that the recent leak marks only the first stage of a series of Intel-related leaks. The Swiss software engineer shared a copy of a conversation between him and the alleged hacker, which claimed that the data was obtained through an unsecured server hosted on the Akamai CDN.

In response to ZDNet’s report, Intel denied that it was “hacked”, disputing Kottman’s claim and suggesting that an individual within the company may have downloaded the data without authorisation.

In a statement, Intel said: “We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

Kelly Earley was a journalist with Silicon Republic

editorial@siliconrepublic.com