Cisco has confirmed to BleepingComputer that it’s investigating latest claims that it suffered a breach after a risk actor started promoting allegedly stolen information on a hacking discussion board.
“Cisco is conscious of stories that an actor is alleging to have gained entry to sure Cisco-related information,” a Cisco spokesperson informed BleepingComputer.
“Now we have launched an investigation to evaluate this declare, and our investigation is ongoing.”
This assertion comes after a widely known risk actor named “IntelBroker” mentioned that he and two others referred to as “EnergyWeaponUser and “zjj” breached Cisco on June 10, 2024, and stole a considerable amount of developer information from the corporate.
“Compromised information: Github tasks, Gitlab Tasks, SonarQube tasks, Supply code, exhausting coded credentials, Certificates, Buyer SRCs, Cisco Confidential Paperwork, Jira tickets, API tokens, AWS Non-public buckets, Cisco Expertise SRCs, Docker Builds, Azure Storage buckets, Non-public & Public keys, SSL Certificates, Cisco Premium Merchandise & Extra!,” reads the put up to a hacking discussion board.
Supply: BleepingComputer
IntelBroker additionally shared samples of the alleged stolen information, together with a database, buyer info, varied buyer documentation, and screenshots of buyer administration portals.
Nevertheless, the risk actor didn’t present additional particulars about how the information was obtained.
In June, IntelBroker started promoting or leaking information from quite a few corporations, together with T-Cell, AMD, and Apple. Sources accustomed to the assault informed BleepingComputer it was stolen from a third-party managed providers supplier for DevOps and software program improvement.
It’s unknown if the Cisco breach is expounded to the earlier June breaches.
BleepingComputer once more contacted this third-party vendor to substantiate in the event that they suffered a cyberattack however has not obtained a reply.
