Cisco has confirmed to BleepingComputer that it’s investigating latest claims that it suffered a breach after a menace actor started promoting allegedly stolen information on a hacking discussion board.
“Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files,” a Cisco spokesperson informed BleepingComputer.
“We have launched an investigation to assess this claim, and our investigation is ongoing.”
This assertion comes after a well known menace actor named “IntelBroker” stated that he and two others referred to as “EnergyWeaponUser and “zjj” breached Cisco on June 10, 2024, and stole a considerable amount of developer information from the corporate.
“Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!,” reads the publish to a hacking discussion board.
Supply: BleepingComputer
IntelBroker additionally shared samples of the alleged stolen information, together with a database, buyer data, varied buyer documentation, and screenshots of buyer administration portals.
Nevertheless, the menace actor didn’t present additional particulars about how the info was obtained.
In June, IntelBroker started promoting or leaking information from quite a few firms, together with T-Cell, AMD, and Apple. Sources aware of the assault informed BleepingComputer it was stolen from a third-party managed providers supplier for DevOps and software program growth.
It’s unknown if the Cisco breach is expounded to the earlier June breaches.
BleepingComputer once more contacted this third-party vendor to substantiate in the event that they suffered a cyberattack however has not obtained a reply.
