Hacker Claims to Have Stolen a Massive Amount of Cisco's Internal Confidential Data and Plans to Sell It, Including Source Code and Various Keys
A hacker named IntelBroker (unrelated to Intel) has posted on the dark web hacker forum BreachForums (the reincarnation of a forum previously shut down by the FBI) claiming to have stolen a vast amount of internal confidential data from the network equipment manufacturer Cisco.
This hacker has some notoriety, as they have attacked other companies before and attempted to sell their data, though it is unclear if those sales were successful.
The stolen Cisco data includes:
- Data from various Cisco projects on GitHub
- Data from various Cisco projects on GitLab
- Numbers of Cisco's SonarQube projects
- Source code for some of Cisco's products
- Hardcoded credentials for some Cisco products
- Digital certificates/digital signatures for some Cisco products
- Cisco's internal confidential documents
- Cisco's Jira credentials
- Some of Cisco's network facility API tokens
- Data from Cisco's private storage buckets on AWS
- Some data from Cisco's Security Response Center
- Some of Cisco's Docker builds
- Cisco's storage buckets on Microsoft Azure
- Various Cisco private keys, public keys, and SSL certificates
Judging by the data the hacker listed, they appear intent on inflicting significant damage on Cisco. IntelBroker claimed the attack was carried out in collaboration with two other hackers (named EnergyWeaponUser and zjj), with the intrusion occurring on June 10, 2024.
They also provided some data samples in the post, including databases, customer information, various customer documents, and screenshots of the customer management portal.
Cisco has been caught off guard by these claims. The company stated that it is aware of a hacker claiming to have stolen internal company data, but that it needs time to investigate and confirm the situation, and that it will release more information as it becomes available.
Given IntelBroker's past posts, their credibility seems relatively high. However, as a networking equipment manufacturer and software solutions provider, Cisco is expected to maintain a high level of internal security, which makes it seem unlikely that such a vast amount of data could be stolen. The specifics will therefore have to wait for further updates.