Expert On News: Intel Investigating Breach Of 20GB Documents Leak

US chipmaker Intel is investigating a security breach of 20 GB of internal documents classified as “Confidential” or “Restricted Secret” uploaded on file-sharing site MEGA.The data was published by Till Kottmann, a Swiss software engineer, who claims to received files from anonymous person. The cybersecurity experts highlight the danger of using third party services.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Erich Kron
Erich Kron , Security Awareness Advocate
InfoSec Expert
August 7, 2020 6:20 pm

While this appears to be an issue related to a third party, it does underline the security concerns around intellectual property when working with business partners both up and down the supply chain. There is always a risk when sharing potentially sensitive information to these business partners, however, this is often an unavoidable part of doing business.

Intel appears to have quickly traced the source of the information and I have no doubt, will be taking steps to review access and logs as they seek to identify the source of this data.

While we often think of data breaches in the context of customer data lost and potential PII leakage, it is very important that we also consider the value of intellectual property, especially for very innovative organisations and organisations with a large market share. This intellectual property can be very valuable to potential competitors, and even nation-states, who often hope to capitalise on the research and development done by others.

Whenever providing intellectual property access to another organisation or individual, it is important to log not only who has access, but when and what data they are accessing. Even better, as in this case with Intel, ensuring that you know where the documents have been shared by potentially marking the document itself, can be very valuable when hunting potential misuse as appears to have occurred here.

Last edited 2 years ago by Erich Kron
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x