We have seen a galore of data breaches and ransomware attacks being reported in the past month or two. Intel is the latest technology giant to investigate the alleged leak of 20GB of internal documents, containing proprietary data, debugging tools, BOIS, and other source code.
The data has been shared by Swiss Android developer Till Kottmann on Twitter and has been named the ‘Exconfidential Lake’ leak. He received the internal documents from an anonymous hacker, who apparently breached Intel last year. The hacker also made this sensitive data available publicly on BitTorrent feeds. Kottman himself is a supporter of open-source technologies and has published IP data from other major tech giants in the past.
As for what information did the documents contain, ZDNet reveals that you have the internal design of various chipsets, technical specs, product guides, and manuals for processors dating back to 2016. There’s a ton of proprietary documents that’ve been marked confidential or restricted present in the leaked data.
ZDNet managed to get a look at the 20GB leaked data, and with help from anonymous security researchers, it has also confirmed that the data is authentic. Kottman makes it easy for everyone to learn the contents of the leak by compiling a summary, which you can see attached below:
– Intel ME Bringup guides + (flash) tooling + samples for various platforms
– Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
– Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
– Silicon / FSP source code packages for various platforms
– Various Intel Development and Debugging Tools
– Simics Simulation for Rocket Lake S and potentially other platforms
– Various roadmaps and other documents
– Binaries for Camera drivers Intel made for SpaceX
– Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
– (very horrible) Kabylake FDK training videos
– Intel Trace Hub + decoder files for various Intel ME versions
– Elkhart Lake Silicon Reference and Platform Sample Code
– Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
– Debug BIOS/TXE builds for various Platforms
– Bootguard SDK (encrypted zip)
– Intel Snowridge / Snowfish Process Simulator ADK
– Various schematics
– Intel Marketing Material Templates (InDesign)
Intel denies the claims of its own servers being hacked and instead says that the data comes from one of its partners at the Intel Resource and Design Center.
“The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data,” reads the official statement from Intel.
Though this leak already includes an extensive list of internal documents, Kottman says that the source may have obtained more than just 20GB of data. This could just one in a series of data leaks that will soon follow. The future leaks will shed light on more of the classified information, as you can see in the tweet below.
fyi: unless I am misunderstanding my source, I can already tell you that the future parts of this leak will have even jucier and more classfied stuff
— Tillie 1312 Kottmann #BLM 💛🤍💜🖤 (@deletescape) August 6, 2020
The data leak hasn’t revealed any of Intel’s super-sensitive data such as CPU and GPU designs. There sure are some documents marked confidential and restricted but they might be damaging to the company’s business. However, if Kottman is right (and we have no reason to doubt him), then do keep your eyes peeled for more Intel internal documents making their way to the Internet in the coming weeks.