Intel shed new light on its claim that the leak of sensitive financial information from its website last week was the result of a “hack”, admitting the problem stems from a weakness in its own disclosure procedures .
The issue also highlighted a potential flaw for other companies that only use slight – and easily guessed – variations on common URLs.
Intel’s leak came last Thursday, ahead of the expected after-market announcement of surprisingly strong fourth quarter results. The group’s shares rose steadily throughout the day before recovering in the final minutes of trading after Intel itself rushed earnings ahead of schedule.
George Davis, chief financial officer, told the Financial Times that Intel acted after discovering that its website had been ‘hacked’, leading to the release of an infographic containing details of its earnings outside the company . The company said as it investigated the incident and did not say its own procedures could have been to blame.
The company has since revealed that the information was “inadvertently made available to the public” before being “viewed by third parties”.
The infographic is believed to have been “staged” or prepared for publication by the company, which included adding the URL. It was not posted on Intel’s investor website, meaning there was no link to the information, although it was visible to anyone who guessed the URL. Intel uses very similar URLs each quarter for its financial information, making it relatively easy for outsiders to guess.
Bruce Schneier, an American cybersecurity expert, called Intel’s initial explanation for the leak a “pitiful excuse for hacking” because the company’s own actions had made it easier for someone to access information. a.
He added, however, that courts had previously ruled that guessing URLs for unpublished information was an offense under the Computer Fraud and Abuse Act, which prohibits anyone from “exceeding authorization” when checking out. access to a computer system. Mr. Schneier compared it to “rattling door handles” to see if anyone had left a door unlocked.
Intel said its “network has not been compromised and we have adjusted our process to avoid this in the future.”
#techFT brings you news, commentary and analysis on the big companies, technologies and issues shaping this fast-paced industry from specialists based around the world. Click here to receive #techFT in your inbox.