Chip maker launches probe into data theft amid cybersecurity concerns

Published on : 02 Jul 2024


Chip maker launches probe

American chip giant Advanced Micro Devices, Inc. (AMD) announced that it has launched a probe of a data breach carried out by a cybercriminal group called Intelbroker that led to several private documents and information being stolen which occurred early this month. 

In a statement to media outlets, the company spokesperson said that it is working closely with the authorities and a third-party hosting partner to investigate the impact of the breach. 

 Intelbroker claims to have accessed various types of information, including ROMs, firmware, source code, property files, and databases containing employee and customer details. Additionally, it asserted having obtained financial information, future AMD product plans, and technical specification sheets. 

The breach was discovered after Intelbroker posted screenshots of the data it stole on Breach Forums, an infamous hacking site on the dark web where cybercriminals discuss various hacking methods and sell stolen data.  In addition to the data posted on BreachForums, Intelbroker further posted that it will sell the data to interested parties in exchange they must be paid in XMR, a cryptocurrency. 

This is not the first time that AMD has suffered a cyber-attack. A cybercriminal group called RansomHouse stole 450GB worth of data from the company in 2022 

Repercussions of the data breach 

The data breach is considered a blow to AMD and to the chip industry as a whole. The leak of personal data of employees and customers will make them vulnerable to future cybercrimes, while the leak of technical documents could harm its competitive position. The incident also raises concerns about the vulnerability of chip making companies to cyber-attacks and the need for robust cybersecurity measures. 

Cybercriminals are getting sophisticated with the advancements of technology. That is why companies such as AMD must remain vigilant and invest in robust cybersecurity measures to protect their sensitive data and maintain the trust of their customers and employees. 

Narendra Sahoo
Narendra Sahoo

Narendra Sahoo (PCI QPA, PCI QSA, PCI SSF ASSESSOR, CISSP, CISA, CRISC, 27001 LA) is the Founder and Director of VISTA InfoSec, a global Information Security Consulting firm, based in the US, Singapore & India. Mr. Sahoo holds more than 25 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, & Compliance services. VISTA InfoSec specializes in Information Security audit, consulting and certification services which include GDPR, HIPAA, CCPA, NESA, MAS-TRM, PCI DSS Compliance & Audit, PCI PIN, SOC2 Compliance & Audit, PDPA, PDPB to name a few. The company has for years (since 2004) worked with organizations across the globe to address the Regulatory and Information Security challenges in their industry. VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.