Cisco is currently under investigation for allegations of data theft and selling by cyber criminals. The thieves, known as IntelBroker, claim to have stolen sensitive information from Cisco, including various files and data. These claims surfaced on BreachForums, with the data thief boasting about breaching Cisco with the help of accomplices and offering the stolen data for sale on the dark web.
The stolen data reportedly includes GitHub and GitLab projects, source code, confidential documents, API tokens, SSL certificates, and more. While Cisco has confirmed the investigation, they have not provided specific details about the breach, such as when it occurred. IntelBroker, along with two other individuals named EnergyWeaponUser and zjj, claimed the breach took place on June 10.
The extent of the breach allegedly involves major companies such as AT&T, Verizon, T-Mobile US, Chevron, Microsoft, Vodafone, and SAP, among others. SAP acknowledged the post about the breach but stated that they are currently investigating the claims. However, another listed victim mentioned that they have found no evidence of stolen data from the supposed heist.
It is unclear whether this incident is connected to a previous CosmicSting attack on Cisco’s Magento-based merch site. In that instance, Cisco stated that the issue had been resolved and only affected a limited number of users. Despite the unverified claims made by IntelBroker, their track record of selling sensitive information from companies like AMD, US Army Aviation and Missile Command, Europol, the Pentagon, and other national security agencies raises concerns about their credibility.
The ongoing investigation into the alleged data theft from Cisco highlights the growing threat of cybercrime and the need for organizations to enhance their cybersecurity measures. As cyber criminals continue to target high-profile companies and institutions, it is crucial for businesses to prioritize data security and implement robust defense mechanisms to protect themselves from such breaches. Cisco, along with other affected companies, must work diligently to address any vulnerabilities and prevent future attacks that could compromise sensitive information and harm their reputation.