Yet again, another case of leaked data has hit the web. Intel, the largest chipmaker in the United States is investigating a data breach that leaked 20 GB of internal data. The assortment of documents included some marked as confidential, under NDA, and unrestricted secret. Till Kottman, a swift software engineer shared the data on the file-sharing site MEGA.
Kottman claims to have received the files from an anonymous hacker who insists they breached Intel earlier this year. The hacker claims to have found the data on an unsecured server via a simple Nmap scan. Many of which had zip files with easy to guess passwords. Kottman received the leaks due to his management on a popular telegram channel that frequently leaks data from major tech companies. Just a few weeks ago, Kottman released source code files of over 50 high profile companies such as Disney. The data released on Intel included technical specifications, product guides, and manuals for the company's CPUs. This contained confidential details on chip road maps, development and debugging tools, schematics, training videos, process simulator ADKs, sample code, and Bringup guides.
Even though the data breach did not include personal data of Intel’s clients or workers, it exposed the source code of their third parties. Intel denies Kottman’s claim the data breach was caused by the anonymous hacker. Intel claims the leaked data was from the Intel Resource and Design Center which hosts data for use by customers, partners, and external parties who have registered for access. Intel believes that an individual with access downloaded and shared the data.
Whenever providing intellectual property access to another organization or individual, it is important to log who had access, when they had access, and what they accessed. With SecureCircle’s patented Data Access Security Broker (DASB), you have control of your data. Every action to your data turns into an auditable event. DASB is a completely transparent data-centric protection solution, which not only provides a data log that becomes auditable when integrated with your SIEM but also enables mapping to a wide variety of compliance requirements pertaining to data visibility/tracking and protection/encryption. So even if Intel’s third parties had access to data, SecureCircle would’ve been able to protect the files from being released publicly.