IntelBroker and EnergyWeaponUser, known for their illegal activities, have announced a new data breach targeting the large technology company AMD. This breach is said to have occurred on August 25, 2024, and is separate from a previous breach in June.
According to a post on the dark web marketplace BreachForums, the attackers have obtained internal communications from various AMD sources, including “idmprod.xilinx.com” and “amdsso.okta.com.” The compromised data reportedly contains sensitive information such as user credentials, case numbers, descriptions, and internal resolutions.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot
The hackers shared a sample of the stolen information, which is said to include user names and assignment groups. They also said they are willing to share more evidence or screenshots if asked. This has raised concerns about how it could affect AMD’s operations and customer trust.
This incident marks the second alleged breach of AMD’s sensitive internal documents in just three months, with IntelBroker reportedly behind both attacks. In June, AMD acknowledged a compromise, stating they were working with law enforcement and a third-party hosting partner to investigate the claim and assess the significance of the data.
IntelBroker, who is also a site admin for the resurrected BreachForums, has claimed responsibility for several high-profile intrusions and data sales in recent months, including breaches at Europol, the Pentagon, Korea’s Ministry of Defense, the US Army, and Home Depot.
AMD has not yet responded to inquiries about this latest alleged intrusion. As the investigation unfolds, the tech industry and cybersecurity experts await more information on the extent and impact of the breach, which underscores the persistent and evolving threat landscape faced by global corporations.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial