Cisco Probes System Hacking

Cisco began an investigation about a possible data leak after a message about the sale of stolen information of the company appeared on one of the hacker forums. Cisco confirmed the fact of the fact leaks to BleepingComputer.

The company representative said that Cisco is known that the unknown announces access to certain company files. An investigation is currently underway to evaluate the statements, but it has not yet been completed.

The hacking message first appeared from the famous attacker under the nickname “Intelbroker”, which claims that together with two other hackers, “Energyweaponuser” and “ZJJ”, hacking Cisco on June 10 and stole a large amount of data related to the development of products.

The stolen data includes GITHUB, Gitlab, SonarQube, source code, accounting data, certificates, customer SRCs, AWS Takes, Private SRC Cisco Takes, Docker Containers, Docker Takes, Docker Takes Zure, closed and open keys, SSL certificates, and Cisco Premium products information.

Intelbroker also posted samples of allegedly stolen data, including databases, customer information, and customer control screenshots. At the same time, the attacker did not specify how he managed to access the data.

According to sources familiar with the incident, the information was stolen from a third-party supplier of managed services for Devops and software development. At the moment, there is no exact data on whether penetration in Cisco is related to previous June incidents, including T-Mobile, AMD, and Apple. BleepingComputer turned to this supplier to confirm the possible cyber attack, but at the moment there was no answer from the company.