US chipmaker Intel is investigating a security breach after earlier today 20 GB of internal documents, with some marked “confidential” or “restricted secret,” were uploaded online on file-sharing site MEGA.
The data was published by Till Kottmann, a Swiss software engineer, who said he received the files from an anonymous hacker who claimed to have breached Intel earlier this year.
Kottmann received the Intel leaks because he manages a very popular Telegram channel where he regularly publishes data that accidentally leaked online from major tech companies through misconfigured Git repositories, cloud servers, and online web portals.
The Swiss engineer said today’s leak represents the first part of a multi-part series of Intel-related leaks.
ZDNet reviewed the content of today’s files with security researchers who have previously analyzed Intel CPUs in past work, who deemed the leak authentic but didn’t want to be named in this article due to ethical concerns of reviewing confidential or hacked data, and of ongoing relations with Intel.
The leaked files contained Intel intellectual property respective to the internal design of various of its chipsets. The files contained technical specs, product guides, and manuals.
Below is a summary of the leaked files, as provided by Tillmann:
– Intel ME Bringup guides + (flash) tooling + samples for various platforms
– Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
– Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
– Silicon / FSP source code packages for various platforms
– Various Intel Development and Debugging Tools
– Simics Simulation for Rocket Lake S and potentially other platforms
– Various roadmaps and other documents
– Binaries for Camera drivers Intel made for SpaceX
– Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
– (very horrible) Kabylake FDK training videos
– Intel Trace Hub + decoder files for various Intel ME versions
– Elkhart Lake Silicon Reference and Platform Sample Code
– Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
– Debug BIOS/TXE builds for various Platforms
– Bootguard SDK (encrypted zip)
– Intel Snowridge / Snowfish Process Simulator ADK
– Various schematics
– Intel Marketing Material Templates (InDesign)
An Intel spokesperson acknowledged ZDNet’s email earlier today but could not provide an official statement before this article’s publication.
None of the leaked files contain sensitive data about Intel customers or employees, based on ZDNet’s review.
However, the question remains to what else the alleged hacker had access to before stealing and releasing Intel’s confidential files.
Developing story. Updates to follow.