Depending on whose version of the story is correct, a 20 GB data leak affecting Intel presents an important lesson on either the perils of default credentials and insecure server misconfigurations, or the risks of sharing proprietary secrets with third-party business partners and customers.
Software engineer Tillie Kottmann, whose Twitter account appears to have been suspended, last week tweeted that an anonymous hacker shared with him a spate of internal Intel documents – the first of what might be a series of leaks. Kottmann uploaded these confidential assets – including source code, product guides and manuals, technical specs, development and debugging tools and more – online via the file-sharing site MEGA and dubbed the leak “exconfidential Lake.”
Several news outlets published an apparent conversation between Kottmann and the mysterious hacker persona, in which the perpetrator said that he (or she) had exfiltrated the data from an improperly secured internet server hosted via Akamai’s content delivery network. The anonymous hacker said he found the breached server using a scanning tool and leveraged a Python script to uncover default usernames and unsecured instances of file or folder access. Once the hacker was inside a folder, root access was then possible.
However, Intel denied in a statement that there was a hack and instead suspects that a rogue third-party individual with access to the company’s Resource and Design Center web portal maliciously downloaded and leaked the information. The company also thinks the culprit could have amassed the information from multiple web sources.
Source: SC Magazine