Cisco investigates breach after stolen data for sale on hacking forum
Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum.
"Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files," a Cisco spokesperson told BleepingComputer.
"We have launched an investigation to assess this claim, and our investigation is ongoing."
This statement comes after a well-known threat actor named "IntelBroker" said that he and two others called "EnergyWeaponUser and "zjj" breached Cisco on June 10, 2024, and stole a large amount of developer data from the company.
"Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!," reads the post to a hacking forum.
IntelBroker also shared samples of the alleged stolen data, including a database, customer information, various customer documentation, and screenshots of customer management portals.
However, the threat actor did not provide further details about how the data was obtained.
In June, IntelBroker began selling or leaking data from numerous companies, including T-Mobile, AMD, and Apple. Sources familiar with the attack told BleepingComputer it was stolen from a third-party managed services provider for DevOps and software development.
It is unknown if the Cisco breach is related to the previous June breaches.
BleepingComputer again contacted this third-party vendor to confirm if they suffered a cyberattack but has not received a reply.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024