Photo: JHVEPhoto/Shutterstock.com
Leading semiconductor company AMD is investigating a potential cyberattack following claims that a threat actor, IntelBroker, has stolen and put a significant amount of sensitive data for sale.
As per FalconFeeds, the threat actor has posted on a hacking forum, alleging that the data breach includes confidential information about AMD’s employees, financial documents, and propriety data.
The hackers behind the alleged breach have shared screenshots of what appears to be stolen AMD credentials. However, they have not disclosed the sale price or detailed how they obtained the data.
“In June 2024, AMD, a large computing company, suffered a data breach. Compromised data: Future AMD products, Spec sheets, employee databases, customer databases, property files, ROMs, source code, firmware and finances,” mentioned the hackers.
Furthermore, the data also contains user IDs, including first and last names, job functions, and business phone and email addresses.
IntelBroker is notorious in the cybercriminal community for high-profile breaches. They were responsible for the DC Health Link breach, which exposed the personal data of the U.S. House of Representatives members and staff, leading to a congressional hearing. More recently, they breached a Europol Platform for Experts (EPE), an information-sharing portal among international law enforcement agencies.
“We are aware of a cybercriminal organisation claiming to be in possession of stolen AMD data,” AMD told BleepingComputer. “We’re working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data.”
The potential exposure of AMD’s sensitive information could have far-reaching implications, affecting the company’s operations and its stakeholders, including employees, customers, and partners.
This isn’t AMD’s first encounter with a significant data breach. In June 2022, the company investigated another breach by the RansomHouse extortion gang, which claimed to have stolen 450 GB of data.
FalconFeeds also reports that the same threat actor group has breached Apple and leaked the internal source of three tools from Apple’s internal site, including AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin.
In the News: Qilin demands $50 million ransom from Synnovis for decryption key