Article Details

AMD internal data reportedly offered for sale. Second sensitive info theft claimed by the same crims since June. Digital data thieves have reportedly breached AMD's internal communications and are offering the allegedly stolen goods for sale.  In an August 25 listing on the dark web marketplace BreachForums, criminal groups IntelBroker and EnergyWeaponUser took credit for the break-in, which they claimed took place the same day — and also swore is separate from IntelBroker's earlier theft and sale of AMD source code and other internal data from June. The BreachForums post promises buyers compromised comms from "a mix of sources," including "idmprod.xilinx.com" and "amdsso.okta.com," and reportedly contains user credentials, case numbers and descriptions, and internal resolutions.  The attackers also provided a sample of the stolen data, which purports to be sensitive information including user names and assignment groups. AMD did not immediately respond to The Register's inquiries about the alleged intrusion. We will update this story when we receive a response from the chip designer. If this turns out to be true, and we strongly caution against taking criminals at their word, it will be the second breach of AMD's sensitive internal documents in three months. IntelBroker is reportedly behind both, with an apparent assist this time around by a newbie. Back in June, the American semiconductor manufacturer copped to a compromise, telling The Register: "We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data. We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data." At the time, IntelBroker claimed to possess AMD's customer databases, upcoming product specifications and plans, internal financial figures and source code, firmware and ROMs, staff information, and other sensitive info. IntelBroker is also a site admin for the resurrected BreachForums. Over the past months, the group has claimed several high-profile intrusions and data sales, including Europol, the Pentagon, Korea's Ministry Of Defense, the US Army, and Home Depot, all of which have put a very large target on the cybercriminals' backs with international cops all gunning for the gang.