Massive Intel Breach – 20GB of Confidential Design Information (IP & Documents) Leaked
Intel has suffered quite a sizeable data breach leaking over 20GB of confidential microarchitecture and engineering information through a Swiss IT consultant. The information along with several documents which include confidential information of existing and upcoming CPU IPs have been leaked within the 'Intel Exconfidential Lake Platform Release'.
'Intel Ex-Confidential Lake' 20GB Folder Leaks Out - Intel Says User Downloaded Files Through Restricted Portal
A folder containing Intel's intellectual data was shared online and while it's unclear exactly what has escaped confidential status, the following list comes directly from the individual in regards to what has been leaked.
- Intel ME Bringup guides + (flash) tooling + samples for various platforms
- Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
- Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
- Silicon / FSP source code packages for various platforms
- Various Intel Development and Debugging Tools
- Simics Simulation for Rocket Lake S and potentially other platforms
- Various roadmaps and other documents
- Binaries for Camera drivers Intel made for SpaceX
- Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
- (very horrible) Kabylake FDK training videos
- Intel Trace Hub + decoder files for various Intel ME versions
- Elkhart Lake Silicon Reference and Platform Sample Code
- Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
- Debug BIOS/TXE builds for various Platforms
- Bootguard SDK (encrypted zip)
- Intel Snowridge / Snowfish Process Simulator ADK
- Various schematics
- Intel Marketing Material Templates (InDesign)
- Lots of other things
In a statement to Tom's Hardware, Intel claims the leaked information comes primarily from Intel's Resource & Design Center:.
We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.
Most of the leaked files are claimed to have been obtained earlier this year. The files are reported to be of classified status, under NDA, or under Intel Restricted Secret, and therefore none of these files have been published or released to the general public.
A reminder that competition is good, doing illegal shady stuff is not. If someone posts confidential material on the internet, do not download or share it. Contact law enforcement and the company concerned to report those sharing such materials.
— Jon Masters 🏴☠️ (@jonmasters) August 6, 2020
Interestingly, the files have mentions of the word "backdoor" although we aren't sure if those actually refer to a backdoor and not some other term/code lingo. We would also like to remind everyone that if you happened to download these files it would be the equivalent of IP theft and could incur legal penalties.