Cisco investigates breach after data put up for sale on BreachForums

cisco logo
(Image credit: Shutterstock / Ken Wolter)

A known data leaker claims to have broken into Cisco and stolen sensitive data from the company.

A threat actor with the alias IntelBroker recently posted a new thread on the infamous BreachForums, offering Cisco data for sale, noting, “Today, I am selling the Cisco breach that recently happened (6/10/2024). Breached by IntelBroker, EnergyWeaponUser, and zjj."

As per the thread, the archive includes Github projects, Gitlab projects, SonarQube projects, source code, hardcoded credentials, certificates, customer SRCs, confidential documents, Jira tickets, API tokens, AWS private buckets, Cisco Technology SRCs, Docker builds, Azure Storage buckets, private & public keys, SSL certificates, and more.

IntelBroker

IntelBroker also shared a small sample as proof of their claims, but did not elaborate on how the breach was done.

When asked for a comment, Cisco told BleepingComputer it was investigating, stating, "Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files...We have launched an investigation to assess this claim, and our investigation is ongoing."

IntelBroker is a known leaker with a solid track record, so the breach could very well be legitimate. So far, the same hacker posted data belonging to T-Mobile, Home Depot, General Electric, and many others. Together with EnergyWeaponUser, the threat actor also allegedly breached AMD back in August 2024

However, they also had a few misses, such as the Europol breach that happened in early May this year. While advertised as a big deal, Europol played down its importance, saying that no operational data was obtained. The agency was still breached, though.

As is always the case with data breaches, this has left the affected parties at risk of identity theft, phishing attacks, and financial loss. Anyone concerned should stay vigilant and look into the best identity theft protection on offer.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.