Intel shed new light on its claim that the leak of sensitive financial information from its website last week was the result of a ‘hack’, admitting the problem stems from a weakness in its own disclosure procedures .
The issue also highlighted a potential loophole for other companies that only use slight – and easily guessed – variations on common URLs.
the Intel leaked came last Thursday, ahead of the expected post-market announcement of surprisingly strong fourth quarter results. The group’s shares rose steadily throughout the day before rebounding in the closing minutes of trading after Intel itself rushed earnings ahead of schedule.
George Davis, chief financial officer, told the Financial Times that Intel acted after discovering that its website had been “hacked”, causing an infographic with details of its earnings to be released outside the company. The company said at the time that it was investigating the incident and did not say its own procedures could have been to blame.
The company has since revealed that the information was “inadvertently made public” before being “viewed by third parties.”
The infographic is believed to have been “staged” or prepared for publication by the company, which included adding the URL. It was not posted on Intel’s investor website, meaning there was no link to the information, although it was visible to anyone who guessed the URL. Intel uses very similar URLs for its financial information each quarter, making them relatively easy for others to guess.
Bruce Schneier, an American cybersecurity expert, called Intel’s initial explanation for the leak a “poor excuse for hacking” since the company’s own actions had made it easier for someone to access information. .
He added, however, that the courts had earlier ruled that guessing URLs for unpublished information was a violation of the Computer Fraud and Abuse Act, which prohibits anyone from “exceeding authorization” when checking out. access to a computer system. Mr. Schneier compared it to “rattling door handles” to see if anyone had left a door unlocked.
Intel said that “their network has not been compromised and we have adjusted our process to avoid this in the future.”
#techFT brings you news, commentary and analysis on the big companies, technologies and issues shaping this fastest moving industries from specialists based around the world. Click here to get #techFT to your inbox.