AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information.

“We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data,” AMD told BleepingComputer in a statement.

“We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data.”

The threat actor, IntelBroker, shared screenshots of some of the supposedly stolen AMD credentials but has yet to disclose how much they are selling it for or how it was obtained.

“Today, I’m selling the AMD.com data breach. Thanks for reading and enjoy!,” the threat actor says in a post on the hacking forum.

“In June 2024, AMD, a large computing company suffered a data breach. Compromised data: Future AMD products, Spec sheets, employee databases, customer databases, property files, ROMs, source code, firmware and finances.”

The threat actor also said that the data includes an employee database that contains user IDs, first and last names, job functions, business phone numbers, email addresses, and employment status.

IntelBroker is best known for the breach of DC Health Link, which led to a congressional hearing after it exposed the personal data of U.S. House of Representatives members and staff.

More recently, IntelBroker was behind the breach of the Europol Platform for Experts (EPE), a web portal used to share information between international law enforcement agencies.

In June 2022, AMD also investigated a breach by the RansomHouse extortion gang, who claimed to have stolen 450GB of data.