Cisco investigates breach after data put up for sale on BreachForums

IntelBroker and friends are selling yet another archive

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A known data leaker claims to have broken into Cisco and stolen sensitive data from the company.

A threat actor with the alias IntelBroker recently posted a new thread on the infamous BreachForums, offering Cisco data for sale, noting, “Today, I am selling the Cisco breach that recently happened (6/10/2024). Breached by IntelBroker, EnergyWeaponUser, and zjj."

As per the thread, the archive includes Github projects, Gitlab projects, SonarQube projects, source code, hardcoded credentials, certificates, customer SRCs, confidential documents, Jira tickets, API tokens, AWS private buckets, Cisco Technology SRCs, Docker builds, Azure Storage buckets, private & public keys, SSL certificates, and more.

IntelBroker

IntelBroker also shared a small sample as proof of their claims, but did not elaborate on how the breach was done.

When asked for a comment, Cisco toldBleepingComputerit was investigating, stating, “Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files…We have launched an investigation to assess this claim, and our investigation is ongoing.”

IntelBroker is a known leaker with a solid track record, so the breach could very well be legitimate. So far, the same hacker posted data belonging toT-Mobile,Home Depot, General Electric, and many others. Together with EnergyWeaponUser, the threat actor also allegedlybreached AMDback in August 2024

However, they also had a few misses, such as theEuropol breachthat happened in early May this year. While advertised as a big deal, Europol played down its importance, saying that no operational data was obtained. The agency was still breached, though.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

As is always the case with data breaches, this has left the affected parties at risk of identity theft, phishing attacks, and financial loss. Anyone concerned should stay vigilant and look into thebest identity theft protectionon offer.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Australian Beach Volleyball Tour live stream: How to watch bronze and gold medal matches online for free, finals, start time