Someone Has Shared Online 20GB of Confidential Info Belonging to Intel

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

A hacker has uploaded online 20GB of source code and various documents belonging to Intel and has already promised to upload a lot more soon. The pack was given the name “Intel exconfidential Lake Platform Release ;)”, and from what seems to be the case, it contains highly confidential information that Intel wouldn’t want to see published for sure.

Some of the staff that is found on the dump include the following filenames:

The actor reached out to an IT consultant who finds enjoyment in dissipating source code leaks and explained that Intel used an improperly secured Akamai CDN that allowed him/her to potentially access 370 servers.

The actor then allegedly used a custom Python script to quickly probe the server and locate accessible folders and files. As long as a valid file name guess was made, the person could enter the location folder and then access the entire directory.

intel_leak

Credits: @rombik_su | Twitter

Allegedly, the hacker exploited a second, separate misconfiguration as well, masquerading as an Intel employee to create a new user. And as for the password protection of the contained files, that would be either “Intel123” or “intel123,” which is typically used for stuff that the company shares with engineers and its partners.

It didn’t take long for Intel to respond to all that, and so here’s is what the told Tom’s Hardware: “We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: