AMD internal data reportedly offered for sale
Second sensitive info theft claimed by the same crims since June
Digital data thieves have reportedly breached AMD's internal communications and are offering the allegedly stolen goods for sale.
In an August 25 listing on the dark web marketplace BreachForums, criminal groups IntelBroker and EnergyWeaponUser took credit for the break-in, which they claimed took place the same day — and also swore is separate from IntelBroker's earlier theft and sale of AMD source code and other internal data from June.
The BreachForums post promises buyers compromised comms from "a mix of sources," including "idmprod.xilinx.com" and "amdsso.okta.com," and reportedly contains user credentials, case numbers and descriptions, and internal resolutions.
The attackers also provided a sample of the stolen data, which purports to be sensitive information including user names and assignment groups.
AMD did not immediately respond to The Register's inquiries about the alleged intrusion. We will update this story when we receive a response from the chip designer.
If this turns out to be true, and we strongly caution against taking criminals at their word, it will be the second breach of AMD's sensitive internal documents in three months. IntelBroker is reportedly behind both, with an apparent assist this time around by a newbie.
- Dark-web kingpin puts 'stolen' internal AMD databases, source code up for sale
- Crook brags about US Army and $75B defense biz pwnage
- Europol confirms incident following alleged auction of staff data
- Feds probe alleged classified US govt data theft and leak
Back in June, the American semiconductor manufacturer copped to a compromise, telling The Register: "We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data. We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data."
At the time, IntelBroker claimed to possess AMD's customer databases, upcoming product specifications and plans, internal financial figures and source code, firmware and ROMs, staff information, and other sensitive info.
IntelBroker is also a site admin for the resurrected BreachForums. Over the past months, the group has claimed several high-profile intrusions and data sales, including Europol, the Pentagon, Korea's Ministry Of Defense, the US Army, and Home Depot, all of which have put a very large target on the cybercriminals' backs with international cops all gunning for the gang. ®