Heads-up to my Intel and former Intel colleagues — a data breach has been discovered that exposed information on 270k workers. The good news, is that the data was probably not very sensitive as it was the internal system used to order business cards.
Other sites that were compromised were a project listing, vendor supplier, and hierarchy management site. Insights about who is working on which projects and their reporting structures could offer focused attackers’ information to assist with targeting of people for social engineering attacks.
What is embarrassing is the security researchers found that Intel was using hardcoded passwords to protect these sites and misconfigured encryption that was easily bypassed.
The vulnerability researcher, Eaton, followed ethical standards and reported these to Intel last year. Intel closed the vulnerabilities this year.
The researchers at Eaton did a great job in documenting, with lots of screenshots, the exposures in their recently published blog — worth a read: https://eaton-works.com/2025/08/18/intel-outside-hack/