AMD provides update on data breach — says it won't 'have a material impact' on business

AMD's headquarters in Santa Clara, Calif.
(Image credit: AMD)

Earlier this week AMD announced that it was investigating claims of a serious internal network breach. Now the chipmaker has provided an updated statement to Bloomberg, characterizing the damage as limited. AMD said the infiltration shouldn’t have any significant impact on its operations because the hackers obtained only a limited amount of information. 

The first reports of the breach came on June 18 from the attackers themselves. Notorious cybercriminal Intelbroker claimed to have obtained data that included plans for future products, customer information, and employee details. AMD later acknowledged the claims and said it was working “closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data." 

However, AMD followed up with a statement provided to Bloomberg on June 19. It now says the data breach was limited in scope, and would be unlikely to have any significant impact on its business or operations. While not directly refuting claims that the data included customer and employee information, AMD did acknowledge at least some of the stolen information.

A company spokesperson told Bloomberg, “Based on our investigation, we believe a limited amount of information related to specifications used to assemble certain AMD products was accessed on a third-party vendor site.” The statement did not disclose which products, or if they had anything to do with AMD's efforts to rival Nvidia in AI technology.

From that statement, one can hope that means there were no leaked customer or employee details. Samples of the stolen data shared on BreachForums showed screenshots and snippets from AMD’s internal systems, but this could have been limited to the assembly specifications mentioned.

Intelbroker has pulled off various high-profile cyber attacks in the past. It previously infiltrated internal networks at Los Angeles International Airport, exposing personal information and flight manifests. The cybercriminal also compromised several U.S. federal agencies through its Acuity breach.

Intelbroker's post on Breach Forums about AMD hack (Image credit: The Cyber Express)

The cybercriminal was attempting to sell the information gained from breaching AMD’s network. However, some of its other attacks were carried out for reasons other than financial gain, such as disrupting critical infrastructures to further its own geopolitical agenda.

Jeff Butts
Contributing Writer

Jeff Butts has been covering tech news for more than a decade, and his IT experience predates the internet. Yes, he remembers when 9600 baud was “fast.” He especially enjoys covering DIY and Maker topics, along with anything on the bleeding edge of technology.

  • suryasans
    Those leaked products design materials may be useful for the rights to repair movement if IntelBroker released them for free.
    Reply
  • Roland Of Gilead
    Yeah, is this a bit of spin though? AMD are hardly gonna say, 'Oh yeah, this hack is really gonna set us back, and some of our most important work is out there for everyone to see, along with personal data about staff and clients! But, don't worry, we are working with Law informent, so it will be grand.'
    Reply
  • From that statement, one can hope that means there were no leaked customer or employee details.

    Really ? This screenshot proof says otherwise. Is AMD just trying to play safe here ? Don't believe what any company rep says in defense though.


    https://i.imgur.com/9kdvIZ3.png

    Samples of the stolen data shared on BreachForums showed screenshots and snippets from AMD’s internal systems, but this could have been limited to the assembly specifications mentioned.

    Not true. The whole list of data that may have been compromised was earlier shared by HackRead:
    ROMs
    Firmware
    Source code
    Property files
    Employee databases
    Customer databases
    Financial information
    Future AMD product plans
    Technical specification sheetsCompromised employee information includes data such as:
    User IDs
    Job functions
    Email addresses
    Employment status
    First and last names
    Business phone numbers
    The hacker is selling the data exclusively for XMR (Monero) cryptocurrency, accepting a middleman for transactions. He advises interested buyers to message him with their offers.

    1802826266355040588View: https://x.com/DarkWebInformer/status/1802826266355040588
    Reply
  • Amdlova
    Intel broker lol
    Reply
  • Roland Of Gilead
    Amdlova said:
    Intel broker lol
    Yeah, the name is kinda ironic!
    Reply
  • TechyIT223
    Damage control by AMD
    Reply
  • artk2219
    Those user IDs and emails are useful for future attempts to get back in and get more data, or to try to scam the individuals directly. So far it seems limited in impact, though AMD is definitely playing it safe and is in damage control for the time being. I'm curious to know if there are any particularly interesting tid bits that we haven't seen yet .
    Reply
  • DS426
    I mean it should be "limited in scope"; if any large enterprise networks have any decent sort of defense-in-depth measures, data breaches should be rather compartmentalized.

    I appreciate AMD's seemingly straightforward and transparent communications on this though as, it seems too often, statements are made just to calm stockholder concerns.
    Reply
  • scottslayer
    Metal Messiah. said:
    Really ? This screenshot proof says otherwise. Is AMD just trying to play safe here ? Don't believe what any company rep says in defense though.


    https://i.imgur.com/9kdvIZ3.png



    Not true. The whole list of data that may have been compromised was earlier shared by HackRead:
    ROMs
    Firmware
    Source code
    Property files
    Employee databases
    Customer databases
    Financial information
    Future AMD product plans
    Technical specification sheetsCompromised employee information includes data such as:
    User IDs
    Job functions
    Email addresses
    Employment status
    First and last names
    Business phone numbers
    The hacker is selling the data exclusively for XMR (Monero) cryptocurrency, accepting a middleman for transactions. He advises interested buyers to message him with their offers.

    1802826266355040588View: https://x.com/DarkWebInformer/status/1802826266355040588
    Is AMD hoping the group won't immediately kick their teeth in by releasing proof of the breach being non-superficial?
    I read your referenced Hackread article and I dont think AMD should be claiming its merely a flesh wound at all.
    Reply
  • TechyIT223
    Yup. I think AMD took the hackers too lightly it seems or what?
    Reply