• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

AMD Investigates Claims of a Data Breach by a Hacking Group

btarunr

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,794 (7.40/day)
Location
Dublin, Ireland
System Specs
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard Gigabyte B550 AORUS Elite V2
Cooling DeepCool Gammax L240 V2
Memory 2x 16GB DDR4-3200
Video Card(s) Galax RTX 4070 Ti EX
Storage Samsung 990 1TB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
AMD has reportedly suffered a cybersecurity breach, with an organization that goes by "IntelBroker" claiming to have stolen company data on future products, customer databases, and financial records, among others. In a statement to Reuters, AMD said that it is working closely with law enforcement agencies and a third-party hosting partner, to investigate the claim of a data breach by IntelBroker. "We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data," the company said. The AMD stock traded slightly down (by 2.38% as of this writing) on Tuesday.

HackRead goes into the details of the data IntelBroker claims to have stolen. There are broadly two categories of data in the breach—IP and product information; and business information. In terms of IP, IntelBroker claims to have done away with files related to device firmware, ROMs, source code, IP files, future AMD product plans, and technical specifications. The business information leaked includes employee databases, customer databases, financial information, user IDs (probably of employees), job designation, employment statuses, and business phone numbers.



In most such data breaches of major corporations, the hacking group demands a ransom to be paid, failing when it threatens to release the sensitive and confidential information to public. IntelBroker, however, has a different modus operandi—they have begun selling the information to interested parties, and accept cryptocurrency through a middleman as payment. IntelBroker has a long list of exploits, including HSBC, Barclays, T-Mobile, Los Angeles International Airport, Europol, Home Depot, Acuity Inc., and Facebook Marketplace.

View at TechPowerUp Main Site | Source
 
Why ??

Do these mega corps, especially those in the computing business, who should have millions of $$ dedicated to/invested in data security devices, practices and systems, continue to suffer breaches....

And, "the significance of the data".... seriously, like WTF ?.......

Any leaked data is significant, and normally, whatever amount of data you think they got, they probably got a buttload more that you just don't know about.. yet, as most of it has already been sold/distributed on the dark web...

OR...

This is just a smoke screen/excuse for lining up a bunch of dud/under-performing/unwanted employees for the unemployment lines, those who haven't really done anything wrong, but have not contributed anything of significance to the company and therefore fall into the grey area of "lets find a way to replace a bunch of seasoned/tenured folks with dweebs, tweenie-bots and ewwtooberz and pay them 1/2 as much money for the same work"
 
EAU NEAU

a data breach. How is this news :D There are like thousands of them daily, and China already has AMDs IP by now right?
 
Dude it's been a while but last I checked China was still restricted to Ryzen 2nd gen stuff.
Any of that data making it over The Great Firewall™ is kind of a big deal so I'd keep an eye out for it.
Also, IntelBroker.....LUL. That's a bit on the nose.
 
bonehead123 said:
Why ??

Do these mega corps, especially those in the computing business, who should have millions of $$ dedicated to/invested in data security devices, practices and systems, continue to suffer breaches....

And, "the significance of the data".... seriously, like WTF ?.......

Any leaked data is significant, and normally, whatever amount of data you think they got, they probably got a buttload more that you just don't know about.. yet, as most of it has already been sold/distributed on the dark web...
Click to expand...
Because cybersecurity practices can only diminish the risk of a breach to a certain point.
 
bonehead123 said:
Why ??

Do these mega corps, especially those in the computing business, who should have millions of $$ dedicated to/invested in data security devices, practices and systems, continue to suffer breaches....
Click to expand...

With tons of previous breaches, some even unrelated to AMD, hackers can easily use personal information of employees for a very personal phishing. And with this new leak of employee information the vicious circle will continue, some other group will use this information to gain access to AMD and their partners...
 
R0H1T said:
Nothing to with Intel, huh :nutkick:
Click to expand...
"Intelbroker" indeed sounds comical. I always suspected that Intel was trying to get AMD's secrets, but I never imagined their desperation would go this far. /s

I'm not sure if they'll still find it funny when they end up caught and thrown into a dark cell tbh.
 
I'm glad they finally released a statement...like a week after the group claimed to have breached them and only after they actually put stuff up for sale.
 
Kind of surprised they haven't gone after NVIDIA or Intel; both seem like juicier targets considering one has a virtual monopoly in the accelerator/GPU space and the other still has a good lead when it comes to a lot of used computer CPUs, especially in Europe and Asia.
 
Redwoodz said:
Well, if you can't beat them, just steal their IP. :eek:
Click to expand...
Or put it the other way...

How can you make secure hardware when you can't secure your own network? Maybe AMD used own hardware? Or just their own home brewed software? Clearly they struggle with the improvements. Maybe it's on time ask professionals for help and not try fix it themself? Because they seems to come short on this :)

This is not AMD's first encounter with cybersecurity challenges. In 2022, the company was targeted by the RansomHouse hacking group, which also claimed to have extracted data from AMD's networks. That incident led to an extensive investigation by AMD to assess the damage and bolster its security measures.

This isn't the first time a group has claimed to have breached AMD's systems. In 2022, ransomware gang RansomHouse said it stole 450GB of data from Team Red. AMD launched an investigation into the claims and improved its security measures as a result, though it appears the changes weren't enough to prevent another incident.
 
Papusan said:
Or put it the other way...

How can you make secure hardware when you can't secure your own network?
Click to expand...
The security of a network hinges on the people using it more often than the network itself. Hardware lacks the people component.

When people see these cyber attacks they think of someone furiously typing away "hacking" an actual network, but more often than not the attack is done through phishing and/or social engineering by email.
 
Papusan said:
Or put it the other way...

How can you make secure hardware when you can't secure your own network? Maybe AMD used own hardware? Or just their own home brewed software? Clearly they struggle with the improvements. Maybe it's on time ask professionals for help and not try fix it themself? Because they seems to come short on this :)

This is not AMD's first encounter with cybersecurity challenges. In 2022, the company was targeted by the RansomHouse hacking group, which also claimed to have extracted data from AMD's networks. That incident led to an extensive investigation by AMD to assess the damage and bolster its security measures.

This isn't the first time a group has claimed to have breached AMD's systems. In 2022, ransomware gang RansomHouse said it stole 450GB of data from Team Red. AMD launched an investigation into the claims and improved its security measures as a result, though it appears the changes weren't enough to prevent another incident.
Click to expand...
The article implies AMD itself wasn't hacked, so I'm sure their policies are rigorous enough.
"AMD said that it is working closely with law enforcement agencies and a third-party hosting partner"
 
wow, what did i just see?
AMD ABOUT TO RELEASE MORE AM4 CPU?
 
bonehead123 said:
Why ??

Do these mega corps, especially those in the computing business, who should have millions of $$ dedicated to/invested in data security devices, practices and systems, continue to suffer breaches....
Click to expand...
You are only as strong as your dumbest employee.
On average it only takes $75 to get the password from someone at a bar. (fbi number)
They assume they can just pocket the money and go change their password but the attackers typically have already gained the rest of the credentials...
Social engineering... its easier than brute force.
 
You must log in or register to reply here.
Back
Top