Intel is investigating reports that one hacker has leaked online 20 GB data derived from the chip giant, which appear to be related to source code, documents, and developer tools. An Intel spokesman said the files may have been leaked by someone who has access to Resource and Design Center, an online portal used by the company to give to business partners access in non-public technical documents for chipsets of. The company spokesman also added that everything indicates that a person gained access to this information and then downloaded and proceeded to leak this data.
A Swiss software engineer by name Till Kottmann published the documents, most of which are considered as "Confidential", stating that he got the material from a source who claims to have violated the company in May, while also noting that more details on this issue will be published soon. The information contained in the leak relates to Intel technology patents and chipsets, including specifications, product guides and internal manuals. Specifically, the data contained in the leak include the following:
- Intel ME Bringup guides + (flash) tools + samples for various platforms
- Kabylake (Purley Platform) BIOS Reference Codes and Sample Code for Kaby Lake
- Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) sources
- Silicon / FSP source code packages for various platforms
- Various Intel deployment and debugging tools
- Simics simulation for Rocket Lake S and possibly other platforms
- Various roadmaps and other documents
- Binaries for camera drivers made by Intel for the space company SpaceX.
- Shapes, tools and firmware for the company's upcoming Tiger Lake processors.
- Educational video FDK cable
- Intel Marketing Material Templates (InDesign)
The good news is that the leak does not directly affect any customers or users of Intel processors. However, the fact that hackers have access to specific processor functions as well as the Bios programming code could be used in the future for even more serious attacks. Intel said in a statement that it was investigating the case and acknowledged that much of the technology secret information was currently in "inappropriate" hands.
Finally, it is worth noting that the same person has previously leaked the source code from dozens of companies, including Microsoft, Adobe, Johnson Controls, GE, AMD, Lenovo, Motorola, Qualcomm, Mediatek, Disney, Daimler, Roblox and Nintendo, with many reports pointing out that most of the information comes from incorrect configuration or exposed DevOps infrastructure.