Cyber Security News reports:
A series of critical vulnerabilities across multiple internal Intel websites allowed for the complete exfiltration of the company’s global employee database and access to confidential supplier information.
The flaws, stemming from basic security oversights, exposed the personal details of over 270,000 Intel employees and workers.
The investigation from Eaton Works revealed that at least four separate internal web applications contained severe security holes, including client-side authentication bypasses, hardcoded credentials, and a lack of server-side validation.
These vulnerabilities provided four distinct pathways for an unauthorized user to download the entire employee database.
Read more at Cyber Security News.
