Apple, Intel, Google Employee Accounts Exposed in Data Breach of Developer Forum

The data comes from the Khronos Group, a non-profit that manages open standard APIs.

Joseph Cox

Joseph Cox

Image: Che Saitta-Zelterman

Hackers have stolen thousands of accounts from a developers' forum, including some belonging to Apple, Google, and Intel employees.

The data comes from the website of Khronos Group, a non-profit focused on the creation of open standard APIs for the playback of media files on various platforms and devices. The group manages Open Graphics Library (OpenGL), which is used by developers in everything from computer-aided design to video games.

"Khronos Membership puts your company at the forefront of the development of these APIs, and lets you collaborate with over 100 industry-leading member companies across the globe," the website reads.

Motherboard was provided a SQL file of just under 3,000 accounts for the site. The data includes usernames, email addresses, plaintext passwords, sign up IP addresses and dates, and in some cases physical addresses.

The data includes accounts for Google, Intel, Apple, EA, Panasonic, VMWare, IBM, Toshiba, Samsung, and Sony Ericsson employees, as well as many other companies. Motherboard understands that the data has likely been kept private among a group of hackers.

Eighteen out of 20 email addresses and usernames tested by Motherboard corresponded to accounts on the site. (This was done by attempting to create new accounts with them; if the email address or username was already in use, it was not possible to complete this process).

Three people in the dump, including a very prominent security researcher, confirmed to Motherboard that details such as their password or signup date and IP address appeared to be accurate.

It is not clear whether the hackers took the full database for the Khronos Group website, or only these 2,955 select accounts. (Each record is given a numerical "number ID," and some entries in the data stretch to an ID just under 7,000).

Motherboard provided Khronos Group with a copy of the data after the organisation responded to an initial email, but the group has not provided comment despite multiple follow-up emails.

One of the victims reached by Motherboard said that he generates passwords, likely creating unique ones for each site with a password manager. This means that whoever hacked this data couldn't then use the password in the dump to access other accounts. This was just one case, however: many of the other passwords very weak or predictable.

The lesson: If any of these tech employees used the same password on the Khronos Group website as on another service, then whoever managed to get hold of this data may have access other accounts. Of course, that also depends on whether two-factor-authentication has been enabled. Regardless, don't reuse passwords.

Another day, another hack.