According to BleepingComputer, the extortion group "RansomHouse" had made mention on their Telegram social media account that they had attained and would be offering for sale data from "a well-known three-letter company that starts with the letter A."
The report goes on to state that while the data is listed as stolen on January 5th, 2022, that was only the date that the threat actors finally lost access to AMD's servers.
Although it is in their name, the group has told journalists that they did not use ransomware in the attack, or lock any data.
RansomHouse highlighted that many of the passwords on the employee accounts they grabbed were extremely weak, referring to "password," "123456" and "Welcome1" as passwords found used.
In a note posted on their website, the group wrote that "It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department."
RansomHouse states that its "primary goal is to minimize the damage that might be sustained by related parties." The group's first high-profile leak was last December when they breached the Canadian Saskatchewan Liquor and Gaming Authority.