Cisco data breach Sensitive personal information (PII) Source code leak IntelBroker hacker DevHub environment

Cisco Data Breach: DevHub Environment Investigation

Introduction

The recent Cisco data breach has drawn attention after a hacker, known as IntelBroker, claimed to have accessed sensitive data from the company. This incident prompted Cisco to launch an investigation, which later revealed the source of the breach to be a public-facing DevHub environment. Cisco has provided updates to reassure users and the public about the security of their systems.

Details of the Cisco Data Breach

On October 14, a hacker named IntelBroker announced a Cisco breach on a popular cybercrime forum. The hacker claimed to have stolen a variety of files, including GitHub and SonarQube projects, source code, hardcoded credentials, confidential documents, encryption keys, API tokens, and AWS private buckets. IntelBroker also shared screenshots as evidence, showing access to management interfaces, internal databases, and customer information. The hacker alleged that these files included data from other major corporations such as Microsoft, AT&T, and Verizon.

Cisco's Investigation and Findings

Following these claims, Cisco immediately launched an internal investigation to determine the extent of the breach. According to Cisco’s findings, no internal systems were breached. Instead, the hacker accessed data stored in a public-facing DevHub environment, a resource centre designed for sharing software code and materials with customers. Cisco confirmed that some files, which were not intended for public download, had been accessed. However, there was no evidence that sensitive personal information (PII) or financial data was compromised.

Advertisement Know Tech News

Proof of Data Exposure

To back up their claims, IntelBroker released screenshots showing access to source code, internal documents, and databases containing customer information. Despite these allegations, Cisco emphasized that the source code leak and accessed files did not include any sensitive or critical customer data.

Cisco’s Response and Security Measures

In response to the breach, Cisco temporarily disabled public access to the DevHub environment while it continues to investigate. Cisco has assured customers that no core systems were affected and that the files accessed by the hacker were not crucial to customer security. The company remains confident that the breach’s impact is limited to the DevHub environment.

Advertisement Know Tech News

Conclusion

While the Cisco data breach caused concern, the company’s prompt investigation revealed that the incident was contained in its public-facing DevHub environment. No critical systems or customer data were compromised, and Cisco is taking the necessary steps to address vulnerabilities and prevent future breaches.

FAQs

The hacker claimed to have accessed GitHub and SonarQube projects, source code, hardcoded credentials, confidential documents, and API tokens from the DevHub environment.

Cisco’s investigation found no evidence that sensitive personal information (PII) or financial data was compromised.

The DevHub environment is a resource center where Cisco shares software code and other materials for customers to use.

Cisco temporarily disabled access to the DevHub environment and continues to investigate the incident to ensure no further vulnerabilities.

IntelBroker claimed to have data from companies like Microsoft, AT&T, and Verizon, but these claims have not been confirmed by Cisco or other companies involved.

Facebook
Twitter
WhatsApp
Telegram

Loading

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x