Intel Computer Chip Security Flaw Lawsuit
In 2018, tech researchers discovered security flaws in Intel computer chips which used multithreading or “hyperthreading” to increase speed and efficiency. This allows computer processes to share data between applications while a system was working. This may also have allowed one process to see or even, “steal” data from another application. In a larger system such as a network, data could be shared or even stolen between systems across the whole platform in some cases.
While security patches have been developed and installed by many individual users, the patches blocked multithreading which slowed computer processing and were not installed by other users. In addition, it has become evident that even if some systems were patched, others may not have been – placing all computers within the network at potential risk.
Companies and individuals whose businesses consist of or rely on network systems, cloud-based computing or other computer networks may have been at risk of data security breach or data loss and may be filing Intel Computer Security Flaw Lawsuits to seek compensation for damages.
Intel Meltdown & Spectre Security Flaws Consumer Lawsuit
In addition to businesses who may be seeking compensation, individuals are filing lawsuits as well. Seeger Weiss LLP is co-leading the nationwide lawsuit against Intel Corp., on behalf of consumers who purchased computers and other devices containing Intel computer chips. Plaintiffs claim that the company’s processors suffer from inherent security flaws, and that their downloadable “patch” considerably slows processing speeds and does not even fix the security vulnerabilities.
Some experts have stated that the only way to ensure the problem is fixed, is by replacing the hardware – a solution that has extreme implications as it may involve replacement of nearly every piece of computer equipment in use.
Intel Security Flaws
Serious security flaws in most Intel computer processors were discovered last year by Google’s Project Zero team in conjunction with researchers from several countries, potentially impacting millions of computers, servers, cloud operating systems and cellphones that were made over the last decade. The flaw allowed for hackers to take advantage of resource sharing known as “multithreading” which allows a computer system to share resources across programs, processes or applications.
Through the shared “multithreading”, these flaws, known as “Meltdown” and “Spectre,” allow for opportunistic data breach so that information can be stolen from one application using the same “thread” as another. This allows malware and hackers to access information such as login keys, usernames, passwords, cached files, and any other sensitive information stored on or entered into a computer, potentially leading to identify theft, fraud, credit and reputational harm, erroneous tax claims, and extortion, among other things.
In addition to the problems experienced by one computer or device user, it also affects larger networks. Multithreading can affect unrelated computers in a network or cloud-based atmosphere, and data can be stolen across systems even if “most” of the computers in that network may have been protected.
When spread across a multi-system platform such as a cloud service, the problem grows exponentially and could potentially expose businesses to serious financial and legal risk from security breach and data loss.
Security Patch Slowdown
Upon being revealed, Intel offered a software “patch” update to resolve the issue, essentially by shutting down the multithreading process. But, in addition to being partially ineffective—“Spectre” can only be fixed by replacing the hardware (physical chip)—the patch significantly degrades the performance of the chips. Depending on use, it may slow down a computer or device by as much as 50%. This decreased performance may have resulted in many users choosing not to install the patch.
Unfortunately, it appears that a few unprotected devices within a network may compromise other devices or systems, even if those systems are protected. Aside from the individual’s risk to data loss, the risk to businesses is exponentially higher.
Virtually every device sold since 1995 may be affected, including computers, laptops, servers, tablets, and smartphones, from all manufacturers and using almost any operating system. This affects millions of consumers, including individuals, businesses and organizations of all sizes, academic institutions, financial institutions, hospitals and healthcare providers, government departments and agencies, and other consumers throughout the U.S.
Unprecedented in scope, this is considered one of the worst and most widespread design flaws ever found, expected to affect untold millions of users. Consumers collectively paid billions of dollars for Intel’s defective 86-64x CPUs, which the company touted as premium products using breakthrough technology, featuring unmatched performance and security. Though cloud-based computing has expanded technological advances immensely, it may have also placed each individual system at risk of flaws in other network systems. A company formed on or using server farms, cloud services or other network system may be at risk of compromise by all of the other computers in that system.
Shockingly, it is also possible that Intel either knew or had reason to believe that a security defect existed in its CPUs for months or even years before disclosing the fact to consumers, thereby defrauding them as well as willfully exposing them to a multitude of risks and injuries, considering computers’ widespread and diverse use.
This breach may affect the majority of computers manufactured after 1995 and a majority of servers installed since 2008. Some experts are suggesting that the only solution is complete replacement of all processors using Intel chips. Businesses built or using cloud providers, server farms or business networks may still be at risk from the cloud or other computers and should seek legal assistance.
Current consumer litigation against Intel “In re Intel Corp. CPU Marketing, Sales Practices and Products Liability Litigation, MDL No. 2828 (D. Oregon)” claims that its processing chips were defective and inferior products that lacked the quality and capability it continuously represented in its sales and marketing materials. As such, Intel violated state deceptive trade practice statutes and warranty and tort laws by making and selling them. Plaintiffs’ claims include breach of warranty and implied warranty, violations of state consumer protection laws, fraud and fraudulent concealment, negligence, restitution, and unjust enrichment.
Businesses, Cloud Providers and Server Farms whose systems or services use Intel Multithreading (Intel x86-64x central processing units) could be eligible for financial compensation.
If you believe your business is at risk due to compromised Intel chips, Contact us today for a free consultation.
- Running on Intel? If you want security, disable hyper-threading, says Linux kernel maintainer, The Register (10/2019)
- A major new Intel processor flaw could defeat encryption and DRM protections, TheVerge (06/2020)