AMD’s IT team is currently investigating after cybercriminals purportedly listed internal data allegedly stolen from the US microprocessor designer for sale. The data, claimed to be sourced from AMD, is being offered on the recently revived dark-web marketplace, BreachForums. Under the alias IntelBroker, one or more individuals are seeking cryptocurrency in exchange for what they assert includes customer databases, upcoming product specifications and plans, internal financial figures, source code, firmware and ROMs, staff information (including names, user IDs, and phone numbers), and other sensitive details.
In response to these claims, AMD stated, “We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data. We are collaborating closely with law enforcement authorities and a third-party hosting partner to investigate both the validity of these claims and the nature of the data.”
IntelBroker, known as a moderator on BreachForums, has gained notoriety for disseminating information allegedly obtained from high-profile breaches of major entities. Recent incidents involved data breaches at Europol, Home Depot due to a third-party oversight, and a partner of the Pentagon. Data from all these breaches was allegedly made available on the dark web by IntelBroker.
However, there remains a significant distinction between claiming possession of sensitive information and actually possessing it. While the purportedly stolen AMD blueprints may hold little value to legitimate engineers, they could be of interest to phishers, fraudsters, and unscrupulous investors.
Time may be running out for IntelBroker, as law enforcement agencies worldwide intensify efforts against BreachForums and its users. Given the severity and public profile of these digital breaches, individuals involved could face serious consequences. This heightened scrutiny is especially true considering claims of handling data stolen from the US Army Missile Command, an institution known for its stringent security protocols.
The situation underscores the ongoing challenges posed by cybercrime and the critical importance of robust cybersecurity measures to protect sensitive corporate and government data.