Intel's classified documents, including source codes, leaked online

2020-08-07

Intel is investigating the alleged leak of more than 20 GB of its internal documents that have been uploaded online on a public file-sharing service.

Till Kottmann, a Swiss software engineer, published the classified documents on MEGA website, revealing that they were received from an anonymous hacker who claimed to have breached Intel earlier in 2020.

Kottmann manages a Telegram channel where he posts data that is accidentally leaked from leading tech firms through online web portals, cloud servers, and misconfigured Git repositories.

Kottmann dubbed the leaked data as "Intel exconfidential Lake" and said that much of the information is under strict non-disclosure agreement (NDA) and not published anywhere.

According to Kottmann, the initial release contains documents related to:

The hacker told Kottmann that they used the nmap port-scanning tool to scan the internet and found an unsecured Intel server on . Using a custom script, they were able to guess default passwords and gain access to files and folders on the system.

Kottman said that "if you find password protected zips in the release the password is probably either "Intel123" or "intel123".

Kottmann also hinted at potential "backdoor" information being present in the leaked files, revealing that the word "backdoor" appeared twice in the source code associated with Intel's Purely Refresh chipset for .

In a statement, an Intel spokesperson said that Intel officials don't believe the leaked data came from a network breach. Rather, it appears to come from the Intel Resource and Design Centre, which hosts information for use by Intel's partners, customers, and other external parties.

The spokesperson said that a person with access to Intel's Resource and Design Centre probably downloaded the data and shared it with Kottmann.