Cyber Crime
Cisco Products at Risk? Company Confirms Source Code, Scripts, and Digital Certificates Hacked
Cisco has acknowledged that over 4 GB of data leaked by a hacker named IntelBroker is authentic but stresses no breach of its core systems occurred. The data was taken from a public-facing resource center, confirming its connection to a previously disclosed incident.
Cisco has officially confirmed the authenticity of more than 4 GB of sensitive data leaked by a hacker going by the alias IntelBroker. The tech giant, however, emphasized that its internal systems remain uncompromised. The leaked data, initially disclosed on October 14, 2024, was obtained from a public-facing Cisco DevHub environment, not its secure enterprise systems.
The DevHub served as a repository for source code, scripts, and other resources provided to customers. While much of the data hosted in this environment was already publicly accessible, some files, including encryption keys, certificates, and credentials, were inadvertently exposed and subsequently leaked.
IntelBroker initially claimed to have exfiltrated 800 GB of files but later revised the figure to 4.5 TB. The first batch of approximately 3 GB was made available in mid-December, followed by a second release on Christmas Day, bringing the total to over 4 GB.
Cisco’s internal investigation clarified that no unauthorized access to its production or enterprise systems occurred. The company stated, “There has been no breach of our systems, and we have not identified any content that could have been used to compromise our operations.” This statement aligns with earlier updates, confirming that the incident was limited to the DevHub instance.
The exposed data includes:
- Source code and scripts related to Cisco products.
- Digital certificates and encryption keys.
- Configuration files not intended for public distribution.
The company reiterated its commitment to robust security measures and promptly removed the affected resources from the DevHub to prevent further unauthorized access.
IntelBroker continues to publicize the incident, claiming it highlights security lapses in Cisco’s handling of public-facing resources. As of now, Cisco has assured its customers that no sensitive personal or financial data has been compromised.
