Cisco Systems, Inc. recently addressed claims made by hackers that the business had just fallen victim to a cyberattack. Although a Cisco official clarified that the company is aware of the claims and is investigating, the company has not yet acknowledged that company data was hacked.
The hacker, under by the handle “IntelBroker,” claimed on the black-hat hacking website BreachForums that the data was taken on October 6, 2024.
“Today, I am selling the Cisco breach that recently happened (6/10/2024). Breached by IntelBroker, EnergyWeaponUser, and zjj,”
Among the major players on the list of businesses from which the attacker obtained data are Apple, Google, Microsoft, Amazon Web Services (AWS) and its IT centre, Citigroup, Alibaba, AT&T, Vodafone, and Bank of China.
Cisco’s Involvement to the claim
A representative for Cisco said that “Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files,”.”We have launched an investigation to assess this claim, and our investigation is ongoing.”
IntelBroker : Threat Actor
Since October 2022, IntelBroker, a black hat hacker from Serbia, has carried out multiple well-publicized cyberattacks. Targets have included Apple, Pandabuy, and Europol; they have been linked to over 80 compromised data releases and sales. They say they are living in Russia at the moment for security concerns.
Affected Data
A large amount of developer data for several Cisco clients, including well-known companies like Microsoft, Barclays, SAP, T-Mobile, AT&T, and Verizon, are purportedly impacted by the incident.
The exposed material contained source code, hardcoded credentials, certificates, API tokens, and more, according to a BreachForum post by IntelBroker.
Source code, hard-coded credentials, certificates, customer SRCs, Cisco confidential documents, Jira tickets, API tokens, AWS private buckets, Cisco technology SRCs, Docker builds, Azure storage buckets, private & public keys, SSL certificates, Cisco premium products, and more were among the compromised data, according to a post on IntelBroker.
