Description: A security researcher, Eaton Z, discovered critical vulnerabilities in Intel’s internal portals, including a business card login system that could be manipulated to bypass authentication. By exploiting weak verification mechanisms, the researcher accessed a **1GB data file** containing **personal details of over 270,000 Intel employees**, including names, roles, managers, addresses, and phone numbers. The breach extended beyond a single system, with **three additional Intel websites** (Product Hierarchy, Product Onboarding, and a supplier portal) found to have **hardcoded, easily decryptable credentials**, enabling unauthorized access. The exposed data poses severe risks, such as **identity theft, phishing, and social engineering attacks**, while also undermining Intel’s reputation in digital trust. Despite reporting the flaws in **October 2024**, Intel only patched them by **February 2025** and denied bug bounty compensation, citing program exclusions. The incident highlights how **basic application design oversights**—rather than sophisticated cyberattacks—can lead to large-scale internal data leaks, with potential long-term operational and security repercussions.

Description: Intel experienced a data breach that resulted in an online leak of 20GB of internal documents. Many files are marked confidential or restricted secret. The leaked files contained Intel intellectual property respective to the internal design of various chipsets. The files contained technical specs, product guides, and manuals for CPUs dating back to 2016.

Description: The links to the source code leak for the Intel UEFI BIOS of Alder Lake CPUs was recently posted by a Twitter user named 'freak'. The leak contained 5.97 GB of files, source code, private keys, change logs, and compilation tools, with the latest timestamp on the files being 9/30/22, likely to be the time when a hacker or insider copied the data. However it is still not confirmed that the source code was stolen during a cyberattack or leaked by an insider.

Description: The Iranian ransomware-as-a-service operation, Pay2Key.I2P, reemerged after a five-year hiatus, targeting organizations in the US and Israel. The group, linked to the Iranian government-backed Pioneer Kitten, has a history of targeting Israeli companies, including Intel's subsidiary Habana Labs. In late 2020, Pay2Key claimed to have stolen 53GB of data from Habana Labs, threatening to leak it. The group's updated ransomware now includes capabilities from Mimic ransomware, posing a significant threat to organizations' data security.

Description: A newly discovered class of vulnerabilities in Intel processors, termed Branch Predictor Race Conditions (BPRC), allows attackers to systematically extract sensitive data from the cache and random-access memory (RAM) of other users sharing the same hardware. Affecting all Intel processors released in the past six years-including those in consumer devices and cloud server infrastructure-the vulnerability exploits speculative execution technologies designed to accelerate computational performance. Researchers from ETH Zurich’s Computer Security Group (COMSEC) demonstrated that malicious actors could leverage BPRC to bypass privilege barriers at the processor level, achieving unauthorized readouts of memory contents at rates exceeding 5,000 bytes per second. This flaw poses acute risks for multi-tenant cloud environments, where shared hardware resources amplify the potential for cross-user data breaches. Speculative Execution and Its Inherent Security Trade-Offs Modern processors employ speculative execution to predict and precompute likely instructions, reducing latency in program execution. By anticipating branches in code execution paths, such as conditional statements, CPUs can maintain computational throughput even during delays caused by data fetches from slower memory systems. However, this performance optimization creates side channels that attackers can exploit. ETH Zurich’s Kaveh Razavi, head of COMSEC, notes that speculative technologies “fundamentally undermin

Description: The Spectre v2 vulnerability poses a significant threat to Intel's reputation and security posture. The flaw allows for the violation of fundamental security layers, including memory access separation between user-mode processes and kernel processes, and the separation between OS memory and secure CPU execution environments like Intel SGX. This vulnerability has led to the development of various mitigations such as eIBRS and IBPB, but these solutions are not foolproof. Researchers have found that in-flight branch predictor updates can still be exploited, posing a continuous risk. The ongoing impact on Intel involves potential customer distrust and the need for continuous investment in research and development to address these vulnerabilities.

Description: A series of critical vulnerabilities across multiple internal Intel websites enabled the complete exfiltration of the company’s **global employee database** (270,000+ records) and unauthorized access to **confidential supplier information**, including NDAs. The flaws—stemming from **client-side authentication bypasses, hardcoded credentials (e.g., weak AES key '1234567890123456'), lack of server-side validation, and fabricated token acceptance (e.g., 'Not Autorized')**—were exploited via four distinct pathways. Key breaches included: - **Intel India’s business card ordering site**: Bypassed Azure login via JavaScript modification, exposing an unauthenticated API that returned a 1GB JSON file with **employee names, roles, managers, phone numbers, and mailbox addresses**. - **Product Hierarchy site**: Hardcoded, easily decrypted credentials granted backend access to the same employee database. - **Product Onboarding site**: Contained **hardcoded API keys and a GitHub personal access token**, risking further supply chain compromise. - **Supplier EHS IP Management System (SEIMS)**: Token validation bypass allowed **administrative access to supplier NDAs and IP data**. Intel remediated the vulnerabilities post-disclosure (October 2024), but the incident highlights systemic security oversights. While **no SSNs or salaries were exposed**, the **mass PII breach of employees and partners** poses severe reputational, operational, and compliance risks.