Exconfidential Lake – Intel investigating 20GB data leak

Intel data leaked over 20 GB and they are investigating a major leak from internal business files and documents posted by a Twitter user Kottmann. They said leaked data was also posted to Mega.nz’s file-sharing website as per CRN. The file consists of files that come from an Intel web portal that can be accessed by users, partners, and other third party credentials. The barebones information was released on Twitter, by a Swiss software engineer, Till Kottmann (. He had received the files from an anonymous hacker who claimed earlier this year to have stolen Intel. Kottmann has named the leak as an exconfidential lake. In that Lake is a reference to Intel’s internal name for its 10-nanometer chip platform.

Intel still Investigating Large Data Leak

A third party has stolen more than 20 gigabytes of confidential data and source code from chipmaker Intel Corp., presumably the result of a data breach earlier this year. User and IT consultants have announced the first 20 GB release in a series of large Intel leaks. Intel later verified the data leak, which was available publicly on BitTorrent feeds. Leaked details from the Intel Resource and Development Center seems to be compromised. In fact, there is also a possibility that the reported information is not up-to-date and something that the firm is currently trying to ascertain.

It is common practice for IT firms to share confidential knowledge. However, they share new developments and product releases with their trusted customers and partners before the specifics are open to the general public. Although the leak appears to be a third-party problem. Moreover, it highlights the protection issues surrounding intellectual property while working with trusted business partners across the supply chain. They received data from a source that compromised Intel earlier. Although, the new version will join more in the future. Leak consists of sensitive materials provided by Intel customers for designing motherboards, BIOS, or anything that works with Intel CPUs and other chips. Some of such source code documents and packages refer to Intel CPU platforms.

What kind of Data Leaked Online

Intel has refuted reports that it has been compromised and indicated that someone with access could have copied and exchanged leaked data. Although, the leak has a wide variety of classified Intel and NDA documents and resources including:

• Intel ME Guides + (flash) Tooling + Samples for different platforms
• SOURCES: Intel CEFDK (consumer electronics firmware development kit)
• Packages of Silicon / FSP source code for various platforms
• Specific Intel Design and Debug Tools
• Simulations for Rocket Lake S, and probably other platforms
• Diverse road charts and other documents
• Camera driver binaries Intel built for SpaceX
• Schematics, Docs, Software + Firmware for Tiger Lake Project Unreleased
• Sample Code for Elkhart Lake Silicone Comparison and Platform
• Some Verilog things for various Xeon Platforms, uncertain exactly what it is.
• Monitor BIOS / TXE for different Platforms
• Bootguard SDK (coded zip)
• Intel Snowridge / ADK Process Simulator
• Diverse schemas
• Templates for intel marketing materials (InDesign)

and many other data…

Conclusion

In conclusion, the Prevention of data leakage is a technique that guarantees that end users don’t transfer confidential or sensitive information outside the company network. However, to prevent data leakage, companies need to determine whether to share data and then track and control the exchange. In other words, there are no technical means of avoiding data leaks. As a result, there is definitely no way in the modern world to secure data completely, but there are several sound ways to the risk of data leakage. One such policy is a simple organizational Data Loss Prevention (DLP) policy.