Cisco Data Breach

The infamous hacker group IntelBroker has successfully breached Cisco’s network, allegedly exfiltrating approximately 4.5 TB of sensitive data associated with various Cisco products.

Cisco, a leading networking and IT giant, inadvertently left its DevHub instance exposed, enabling unauthorized access to sensitive systems.

This breach allowed threat actors identified as “@zjj,” “@IntelBroker,” and “@EnergyWeaponUser” to gain access to and download critical files, highlighting concerns over improper security measures at major institutions.

IntelBroker has recently claimed responsibility for a significant data breach at Cisco Systems, Inc. The hackers allege they have stolen a vast amount of sensitive information and are now offering it for sale on the dark web.

Cyber Press researchers learned that the initial samples shared by the group primarily cover key Cisco software offerings, with the stolen archive having a smaller total file size of 2.9 GB.

Credits: Cyber Press

The exposed data includes some of Cisco’s most important products, such as:

  • Cisco C9800-SW-iosxe-wlc.16.11.01
  • Cisco IOS XE & XR
  • Cisco Identity Services Engine (ISE)
  • Cisco Secure Access Service Edge (SASE)
  • Cisco Umbrella
  • Cisco Webex

Stolen Data Presented as Proof

In an effort to establish the legitimacy of their breach, the hackers have shared these files with the broader cybersecurity community.

The release of these samples is aimed at attracting potential buyers for what is described as a “full version” of the stolen data, though complete details of the breach remain undisclosed.

[Image: exposed tree file]

If verified, the incident could pose significant risks to Cisco’s business, as its proprietary software and platforms may now be at risk of exploitation by malicious actors.

Additionally, customers and organizations relying on Cisco’s systems may face heightened security risks, including vulnerabilities in widely deployed products like Webex, SASE, and Umbrella.

This breach underscores the importance of robust security protocols, especially for systems housing critical software and configuration files.

Cisco has not yet issued a public comment regarding the scope of the breach, but cybersecurity experts are advising organizations utilizing Cisco technologies to stay alert and monitor for any emerging vulnerabilities or patches.

The Cisco breach adds to a growing list of incidents involving misconfigured DevOps environments, which often serve as valuable targets for attackers.

Open or improperly secured DevOps systems are becoming an increasingly common source of data leaks, underscoring the importance of stringent security measures in agile development practices.

For now, industry leaders and customers alike are closely watching Cisco for updates on the situation and measures it plans to take to secure its systems and prevent future breaches.
