1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Hacker says they were able to download data on all 270,000 Intel

    From TechnologyDaily@1337:1/100 to All on Wednesday, August 27, 2025 04:15:07
    Hacker says they were able to download data on all 270,000 Intel employees - from an internal site

    Date:
    Wed, 27 Aug 2025 03:02:00 +0000

    Description:
    Intel internal security flaws apparently exposed 270,000 employee records.

    FULL STORY ======================================================================Intel staff records leaked through login flaws, exposing sensitive company information A single manipulated portal exposed over 270,000 Intel employee details Hardcoded credentials on internal portals raised serious security concerns

    Sensitive information about every Intel employee was reportedly available to anyone able to exploit weaknesses in the firms internal sites, an expert has claimed.

    Security researcher Eaton Z, who described the flaws in a lengthy blog post , found a business card portal used by Intel staff contained a login system which could be easily manipulated.

    By altering how the application verified users, Eaton managed to access data without needing valid credentials. A data file of enormous scale

    What began as a small discovery quickly expanded, as the system exposed far more information than its function required. Once deeper access was achieved, the results became difficult to dismiss.

    Eaton described downloading a file approaching one gigabyte in size that contained the personal details of Intels 270,000 employees.

    These records included names, roles, managers, addresses, and phone numbers. The scale of the leak suggests risks beyond simple embarrassment.

    The release of such data into the wrong hands could feed identity theft , phishing schemes, or social engineering attacks.

    The situation was not limited to a single vulnerable system, as Eaton
    reported three other Intel websites could be accessed with similar
    techniques.

    Internal sites such as the Product Hierarchy and Product Onboarding portals contained hardcoded credentials that were easily decrypted.

    Another corporate login page for Intels supplier site could also be bypassed.

    Together, these weaknesses formed multiple overlapping doors into the
    companys internal environment, a troubling picture for a business that frequently emphasizes the importance of digital trust.

    Intel was contacted about the issues starting in October 2024, and the
    company eventually fixed the flaws by late February 2025.

    However, Eaton did not receive bug bounty compensation, as Intels program excluded these cases through specific conditions.

    The only communication from the company was described as an automated response, raising questions about how seriously the disclosures were handled.

    Modern-day cybersecurity is complex; organizations may deploy firewall protections and security suites , yet simple oversights in application design can still expose critical systems.

    Even after patches are applied, the incident demonstrates that
    vulnerabilities are not always exotic flaws buried in hardware. You might
    also like These are the best temporary email services available We've also listed the best proxies for enterprises I am the CTO of Ordnance Survey and this is how this 230 year old organization is embracing AI



    ======================================================================
    Link to news story: https://www.techradar.com/pro/hacker-says-they-were-able-to-download-data-on-a ll-270-000-intel-employees-from-an-internal-site


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)