
Intel had 20 GB of proprietary data relating to its chipsets released through BitTorrent. The data appears to have been drawn from the device data Intel receives from its users through Intel’s Resource and Design Center. This data includes metrics on how a device performs, any help requests, and other diagnostic information that lets Intel troubleshoot problems and guide how they improve their next set of chips. This information is collected for Intel’s use, and then it is provided to other third-parties for their use. According to Intel, any third-party is required to sign an NDA before they can receive the information.
Intel has released a public statement that they do not believe that the security of their systems has been breached, but rather an individual from a third-party accessed the information and downloaded it, before distributing it via BitTorrent. While only 20GB of data have been made public so far, the (currently) unknown attacker has announced that they have more information to release. So far, the attacker has not made a public demand or offer to sell the information. It is possible that they have released the 20GB of data to show that they really do have the information as they claim they do, which puts them in a stronger bargaining position.
So far little is known about the attacker, and Intel is continuing its investigation into the incident. It’s possible that the attacker was backed by a nation-state, a well-known black hat group, or they may just be a disgruntled employee (which account for approximately 60% of attacks).