Intel Rocked by Huge 20GB Data Breach

No company is ever happy when a major data breach occurs. Not only from the point of view of it potentially revealing any plans they have in the pipeline, but also the fact that it may contain information that, in the wrong hands, could prove very devastating. Yesterday afternoon, however, Intel got a pretty huge shock when it was revealed that 20GB of highly-sensitive information had leaked online!

Intel Sees Huge 20GB Data Breach

In a report via TomsHardware, the data breach was initially posted to Twitter by a yet unknown user. In terms of the information, however, while not (yet) specifically linking to particular files, the ‘dump’ they did show revealed two key aspects: Firstly, that it contained a lot of information on key design aspects and, secondly, in total the file size was around 20GB. Some of the confirmed information included within this data breach includes:

• Intel ME Bringup guides + (flash) tooling + samples for various platforms
• Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
• CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
• Silicon / FSP source code packages for various platforms
• Various Development and Debugging Tools
• Simics Simulation for Rocket Lake S and potentially other platforms
• Various roadmaps and other documents
• Binaries for Camera drivers Intel made for SpaceX
• Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
• Kabylake FDK training videos
• Trace Hub + decoder files for various Intel ME versions
• Elkhart Lake Silicon Reference and Platform Sample Code
• Some Verilog stuff for various Xeon Platforms
• Debug BIOS/TXE builds for various Platforms
• Bootguard SDK (encrypted zip)
• Intel Snowridge / Snowfish Process Simulator ADK
• Various schematics
• Marketing Material Templates (InDesign)

While thought to also contain lots of other pieces of more random information, the short version is that this is (by and large) amazingly sensitive information. As such, Intel is clearly in something of a panic to ascertain just how damaging this could potentially be!

What Has Intel Said?

While it might initially be tempting to dismiss this as an elaborate hoax, Intel has not only commented on the situation to (pretty much) confirm that the data breach is genuine but they have also said where they think it may have originated from.

“We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

With the anonymous leak source citing that they will be revealing more details in the coming days/weeks, however, I’m pretty certain that Intel is feeling more than a little nervous at this point!

What do you think? Just how damaging could this data breach be? – Let us know in the comments!