Massive Databreach hits Intel, confidential documentation about processors leaks away

Yet another setback for Intel, it is confirmed that Intel was hit by a data breach, an extensive one where 20 GB of documentation including chip designs and code has leaked away.

Developer Tillie Kottmann has revealed the existence of the documents and says they came to him through an anonymous source. Most of the information is supposed to be protected intellectual property. The developer was told that the information was stolen from Intel in a breach this year.

"They were given to me by an Anonymous Source who breached them earlier this Year, more details about this will be published soon," Kottmann says.

“Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” the developer added.

There is a list of things that would be in the 20GB download. Below that are roadmaps, but also Kabylake FDK training videos. Intel confirms to Bleeping Computer that it is internal documentation and suspects that someone from a third party with access to NDA documentation from the Resource And Design Center has downloaded it. This is just an initial release of the materials which contains anything from marketing, roadmaps, sales, chip design and testing as well as software.

We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.

Intel

The hacker who spoke to Kottmann says he found an Intel server on a CDN without proper security through a scan. With a Python script, the hacker would have looked at files and folders that do not require a password or that work with default passwords. It is also suggested that software contains backdoors, which would now get exposed. This initial release contains documents related to the following:

• Intel ME Bringup guides + (flash) tooling + samples for various platforms
• Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
• Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
• Silicon / FSP source code packages for various platforms
• Various Intel Development and Debugging Tools
• Simics Simulation for Rocket Lake S and potentially other platforms
• Various roadmaps and other documents
• Binaries for Camera drivers Intel made for SpaceX
• Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
• (very horrible) Kabylake FDK training videos
• Intel Trace Hub + decoder files for various Intel ME versions
• Elkhart Lake Silicon Reference and Platform Sample Code
• Some Verilog stuff for various Xeon Platforms, unsure what it is exactly
• Debug BIOS/TXE builds for various Platforms
• Bootguard SDK (encrypted zip)
• Intel Snowridge / Snowfish Process Simulator ADK
• Various schematics
• Intel Marketing Material Templates (InDesign)

This release has already been dubbed “juicy” but Kottmann believes that future leaks from their source are likely to contain even “juicier” classified documents.