Wednesday, June 19th 2024
AMD Investigates Claims of a Data Breach by a Hacking Group
AMD has reportedly suffered a cybersecurity breach, with an organization that goes by "IntelBroker" claiming to have stolen company data on future products, customer databases, and financial records, among others. In a statement to Reuters, AMD said that it is working closely with law enforcement agencies and a third-party hosting partner, to investigate the claim of a data breach by IntelBroker. "We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data," the company said. The AMD stock traded slightly down (by 2.38% as of this writing) on Tuesday.
HackRead goes into the details of the data IntelBroker claims to have stolen. There are broadly two categories of data in the breach—IP and product information; and business information. In terms of IP, IntelBroker claims to have done away with files related to device firmware, ROMs, source code, IP files, future AMD product plans, and technical specifications. The business information leaked includes employee databases, customer databases, financial information, user IDs (probably of employees), job designation, employment statuses, and business phone numbers.
In most such data breaches of major corporations, the hacking group demands a ransom to be paid, failing when it threatens to release the sensitive and confidential information to public. IntelBroker, however, has a different modus operandi—they have begun selling the information to interested parties, and accept cryptocurrency through a middleman as payment. IntelBroker has a long list of exploits, including HSBC, Barclays, T-Mobile, Los Angeles International Airport, Europol, Home Depot, Acuity Inc., and Facebook Marketplace.
Sources:
Reuters, HackRead, DarkWebInformer (Twitter)
HackRead goes into the details of the data IntelBroker claims to have stolen. There are broadly two categories of data in the breach—IP and product information; and business information. In terms of IP, IntelBroker claims to have done away with files related to device firmware, ROMs, source code, IP files, future AMD product plans, and technical specifications. The business information leaked includes employee databases, customer databases, financial information, user IDs (probably of employees), job designation, employment statuses, and business phone numbers.
17 Comments on AMD Investigates Claims of a Data Breach by a Hacking Group
Do these mega corps, especially those in the computing business, who should have millions of $$ dedicated to/invested in data security devices, practices and systems, continue to suffer breaches....
And, "the significance of the data".... seriously, like WTF ?.......
Any leaked data is significant, and normally, whatever amount of data you think they got, they probably got a buttload more that you just don't know about.. yet, as most of it has already been sold/distributed on the dark web...
OR...
This is just a smoke screen/excuse for lining up a bunch of dud/under-performing/unwanted employees for the unemployment lines, those who haven't really done anything wrong, but have not contributed anything of significance to the company and therefore fall into the grey area of "lets find a way to replace a bunch of seasoned/tenured folks with dweebs, tweenie-bots and ewwtooberz and pay them 1/2 as much money for the same work"
a data breach. How is this news :D There are like thousands of them daily, and China already has AMDs IP by now right?
Any of that data making it over The Great Firewall™ is kind of a big deal so I'd keep an eye out for it.
Also, IntelBroker.....LUL. That's a bit on the nose.
I'm not sure if they'll still find it funny when they end up caught and thrown into a dark cell tbh.
How can you make secure hardware when you can't secure your own network? Maybe AMD used own hardware? Or just their own home brewed software? Clearly they struggle with the improvements. Maybe it's on time ask professionals for help and not try fix it themself? Because they seems to come short on this :)
This is not AMD's first encounter with cybersecurity challenges. In 2022, the company was targeted by the RansomHouse hacking group, which also claimed to have extracted data from AMD's networks. That incident led to an extensive investigation by AMD to assess the damage and bolster its security measures.
This isn't the first time a group has claimed to have breached AMD's systems. In 2022, ransomware gang RansomHouse said it stole 450GB of data from Team Red. AMD launched an investigation into the claims and improved its security measures as a result, though it appears the changes weren't enough to prevent another incident.
When people see these cyber attacks they think of someone furiously typing away "hacking" an actual network, but more often than not the attack is done through phishing and/or social engineering by email.
"AMD said that it is working closely with law enforcement agencies and a third-party hosting partner"
AMD ABOUT TO RELEASE MORE AM4 CPU?
On average it only takes $75 to get the password from someone at a bar. (fbi number)
They assume they can just pocket the money and go change their password but the attackers typically have already gained the rest of the credentials...
Social engineering... its easier than brute force.