Hackers Leak Partial Cisco Information from 4.5TB of Uncovered Information

SUMMARY:

  • Partial Information Leak: Hackers leaked 2.9GB of Cisco’s knowledge on Breach Boards on December 16, 2024.
  • Uncovered Information: The leaked knowledge is a part of a 4.5TB dataset that was allegedly left unprotected by Cisco in October 2024.
  • Earlier Incident: IntelBroker beforehand claimed accountability for accessing the uncovered knowledge and tried to promote it, together with delicate info from corporations like Verizon, AT&T, and Microsoft.
  • Cisco’s Response: Cisco beforehand denied any compromise of core techniques, attributing the difficulty to a misconfigured public-facing DevHub useful resource.
  • Proof of Legitimacy: IntelBroker launched this partial leak to display the validity of their claims and entice consumers for the remaining knowledge.

RIBridges Breach: Hackers infiltrated Rhode Island’s well being and advantages system, demanding ransom and threatening to leak delicate knowledge.

On Monday, December 16, 2024, hackers leaked what they known as “partial data” belonging to expertise and cybersecurity large Cisco. The leak occurred on the cybercrime and knowledge breach platform Breach Boards, the place IntelBroker, a infamous hacker and the discussion board’s proprietor, launched 2.9 GB of knowledge for obtain.

Vital Background

The leaked knowledge is a part of the 4.5TB content material that hackers declare was left uncovered by Cisco with none password safety or safety authentication, permitting them to obtain your entire dataset in October 2024.

Hackread.com solely reported on the incident on October 14, 2024, when IntelBroker tried to promote the info, which allegedly included supply codes, confidential paperwork, and credentials belonging to international companies like Verizon, AT&T, Microsoft, and others.

On the time, Cisco didn’t reply to Hackread.com however denied any compromise of their core techniques, attributing the incident to a misconfigured public-facing DevHub useful resource. Nevertheless, IntelBroker maintained that they had entry till October 18 and supplied proof to Hackread.com displaying they exploited an uncovered token for JFrog, a software program provide chain platform, to entry the uncovered content material.

What’s within the Leaked Information?

This time, IntelBroker has leaked a portion of the info in an try and show its legitimacy to potential consumers. “Hopefully, this proves the legitimacy of the breach to others wanting to buy the full version,” the hacker acknowledged.

The two.9GB leak reportedly accommodates the next:

  • Cisco ISE (Identification Companies Engine): A safety coverage platform that gives safe community entry management and id administration.
  • Cisco SASE (Safe Entry Service Edge): A cloud-delivered resolution that mixes networking and safety capabilities for safe entry from wherever.
  • Cisco Webex: A collaboration platform providing video conferencing, messaging, and calling options for groups and companies.
  • Cisco Umbrella: A cloud-based DNS safety resolution that protects customers from threats by securing web entry and blocking malicious domains.
  • Cisco IOS XE & XR: Community working techniques utilized in Cisco routers and switches, enabling superior networking, automation, and programmability.
  • Cisco C9800-SW-iosxe-wlc.16.11.01: A software-based Wi-fi LAN Controller (WLC) picture that manages and controls wi-fi networks operating on Cisco Catalyst 9800 Sequence platforms.

Right here’s a screenshot from Breach Boards displaying what the hackers have leaked and the claims they’re making:

IntelBroker on Breach Boards (Screenshot credit score: Hackread.com)

Intel Dealer and Earlier Breaches

Intel Dealer is understood for high-profile knowledge breaches. In June 2024, the hacker claimed to have breached Apple Inc., stealing supply code for inside instruments. The identical hacker boasted about breaching AMD (Superior Micro Units, Inc.), and stealing worker and product info.

In Could 2024, Intel Dealer hacked Europol, a breach that the company later confirmed. A number of the hacker’s earlier knowledge breaches are listed under:

However, the partial leak goes on to point out ongoing exploitation of misconfigured techniques and uncovered knowledge. The dimensions of exploitation is clear, as even high-profile hackers like ShinyHunters and Nemesis have focused misconfigured servers and S3 buckets.

Whereas Cisco has but to reply to this newest growth, IntelBroker’s actions additionally present how such incidents can escalate into extortion makes an attempt. Whether or not the remaining 4.5TB dataset can be bought, leaked, or resolved stays to be seen, nevertheless it’s a reminder for organizations to keep up their safety practices and defend delicate knowledge.

  1. IntelBroker Declare Entry to Nokia Inside Information, Promoting for $20K
  2. Europol Hacked: IntelBroker Claims Main Legislation Enforcement Breach
  3. IntelBroker House-Eyes Breach, Concentrating on US Nationwide Safety Information
  4. IntelBroker Claims Breach of Prime Cybersecurity Agency, Promoting Entry
  5. AMD Information Breach: IntelBroker Claims Theft of Worker, Product Data

Recent articles

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...

Hackers Use Pretend PoCs on GitHub to Steal WordPress Credentials, AWS Keys

SUMMARY Pretend PoCs on GitHub: Cybercriminals used trojanized proof-of-concept (PoC)...