Cisco Investigates Breach After Stolen Data For Sale On Hacking Forum (bleepingcomputer.com) 9
Longtime Slashdot reader mprindle shares a report from BleepingComputer: Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...] This statement comes after a well-known threat actor named "IntelBroker" said that he and two others called "EnergyWeaponUser and "zjj" breached Cisco on October 6, 2024, and stole a large amount of developer data from the company.
"Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!," reads the post to a hacking forum. IntelBroker also shared samples of the alleged stolen data, including a database, customer information, various customer documentation, and screenshots of customer management portals. However, the threat actor did not provide further details about how the data was obtained.
"Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!," reads the post to a hacking forum. IntelBroker also shared samples of the alleged stolen data, including a database, customer information, various customer documentation, and screenshots of customer management portals. However, the threat actor did not provide further details about how the data was obtained.
Re: (Score:3)
How are those last few rounds of layoffs working out for you, Cisco? I never understood why Corporations of this scale expect loyalty from NDA's and other legal agreements after they shit-can staff with the breeze. The "Dark Web" is rife with disgruntled stakeholders. The key to successful business is to maintain relationships beyond the transactional. People take "Just Business" attitudes personally, so its no surprise the "E-shification" of Cisco looks like this.
They just came in (Score:1)
through the backdoor and stole it.
Bug fixes on the way! (Score:5, Insightful)
As a former (angry) Cisco customer, my hope is they stole the code so they could fix all the stupid broken shit Cisco is too incompetent / apathetic to do anything about and release it to the wild.
Free code from black hats can't be any worse than what Cisco already ships.
Oh, and maybe the black hats will also offer a support and license contract that makes more sense than Cisco's.
One can only hope.
So CISCO did not even notice? (Score:2)
Figures. Microsoft did not notice that Exchange Online was completely compromised in 2023 either. These companies are getting less and less capable. Boeing comes to mind.
Add Change Healthcare CHC to being hacked (Score:2)
The cause (Score:3)
What did these idiots do, run their company on Cisco software? Of course they got hacked.