Hackers’ Claims:
A second batch of data extracted from Cisco by the group known as IntelBroker has been released, totaling 4.84 GB, a fraction of the alleged 4.5 TB stolen during the breach in October 2024. This latest data dump was made public on Breach Forums on Christmas Eve, revealing a wealth of sensitive information acquired from the tech giant. The leaked data includes a variety of files, ranging from software artifacts and network configurations to testing logs, cloud server images, and cryptographic signatures, all of which contribute to the exposure of Cisco’s intellectual property and internal operational insights.
Misconfigured Resource Exploitation:
The source of this sensitive data can be traced back to a misconfigured DevHub resource that was left unsecured by Cisco, providing hackers with easy access to download the entirety of the data. This oversight in security measures allowed IntelBroker to exploit the misconfiguration and extract a massive amount of information. The first part of the data leak, which occurred in December 2024, included 2.9 GB of files and served as a precursor to the larger breach.
Cisco’s Response:
In response to these allegations, Cisco has acknowledged the incident and stated that public access to the compromised resource has been disabled. They maintain that none of their servers were directly breached and deny that any sensitive data was compromised. Despite these claims, IntelBroker contests the company’s assertions and continues to leak information obtained from the breach, casting doubt on Cisco’s ability to secure their systems effectively.
IntelBroker’s Track Record:
IntelBroker, the hacker group behind the Cisco breach, has a history of targeting high-profile organizations and extracting sensitive data from them. Their previous exploits include breaches of Apple Inc., AMD, and even Europol, demonstrating a consistent pattern of exploiting misconfigured systems to gain unauthorized access. The ongoing exploitation of vulnerabilities in cybersecurity systems highlights the importance of robust security measures to prevent further data breaches.
The release of this second batch of data by IntelBroker emphasizes the persistent threat posed by hackers to organizations that fail to adequately secure their systems. The exposure of Cisco’s internal files and operational data serves as a stark reminder of the importance of cybersecurity in safeguarding sensitive information. As hackers continue to target companies with lax security measures, it is incumbent upon organizations to prioritize cybersecurity and implement robust defenses to prevent future breaches. The ongoing battle between hackers and cybersecurity professionals underscores the need for constant vigilance in the face of evolving cyber threats.