Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Hacker Leaks Cisco Data

IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total. 

Cisco data breach

A hacker has leaked data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total amount of files that was taken.

The notorious hacker IntelBroker announced in October that he and others had breached Cisco systems and obtained source code, certificates, credentials, confidential documents, encryption keys and other types of information. The hacker claimed to have obtained source code associated with several major companies. 

Cisco’s investigation showed that its systems had not been breached and that the data was actually obtained from a public-facing DevHub environment that serves as a resource center from where customers can obtain source code, scripts and other content. 

The networking giant noted that while a majority of the data hosted in the DevHub environment was public, the hackers also obtained some files that were not intended for public download and were inadvertently published on the site due to a configuration error. The downloaded data included files related to some CX Professional Services customers.

Cisco initially said it had no evidence that confidential information such as sensitive personal information or financial data was compromised, but it has since removed this statement from its incident reports. 

IntelBroker on Monday made available 2.9 Gb of data obtained from the Cisco DevHub instance, claiming that the leaked files pertain to Cisco’s Catalyst, IOS, Identity Services Engine (ISE), Secure Access Service Edge (SASE), Umbrella and WebEx products. 

The leaked data, posted on the BreachForums cybercrime forum, includes JavaScript, Python and other source code files, as well as certificates and library files.

The hacker claims to have downloaded 4.5 Tb of data from the DevHub instance. IntelBroker previously claimed that a total of 800 Gb of files were obtained, but the hacker is known to make claims that turn out to be exaggerated. 

Advertisement. Scroll to continue reading.

SecurityWeek reached out to Cisco last month for clarifications on the amount of data that was taken, but the company did not respond. 

In response to IntelBroker’s new leak, Cisco said on Tuesday that it’s aware of the hacker’s posts and the company believes the files they reference are the ones previously identified during its investigation. 

“As noted in prior updates, we are confident that there has been no breach of our systems, and we have not identified any information in the content that an actor could have used to access any of our production or enterprise environments,” Cisco said on Tuesday.

Related: Nokia Says Impact of Recent Source Code Leak Is Very Limited

Related: Amazon Employee Data Leaked by Hacker

Related: 760,000 Employee Records From Several Major Firms Leaked Online

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.