Cisco takes its developer hub offline following data theft

2 weeks ago

(Image credit: Shutterstock / Valriya Zankovych)

Cisco has taken its DevHub website offline pursuing a cyberattack and a information leak incident. It besides played down nan worth of nan breach and said it unopen down nan tract “out of an abundance of caution”.

Recently, a known information leaker, othername IntelBroker, posted a caller thread connected nan infamous BreachForums, offering Cisco information for sale.

In nan thread, nan hacker credited EnergyWeaponUser and zjj for nan breach, and stated that nan archive includes Github projects, Gitlab projects, SonarQube projects, root code, hardcoded credentials, certificates, customer SRCs, confidential documents, Jira tickets, API tokens, AWS backstage buckets, Cisco Technology SRCs, Docker builds, Azure Storage buckets, backstage & nationalist keys, SSL certificates, and more.

Exposed API token

Cisco responded by saying it was investigating nan breach, and has now travel guardant pinch further information.

“Based connected our investigations, we are assured that location has been nary breach of our systems,” Cisco said. “We person wished that nan information successful mobility is connected a public-facing DevHub environment—a Cisco assets halfway that enables america to support our organization by making disposable package code, scripts, etc. for customers to usage arsenic needed. We person wished that a mini number of files that were not authorized for nationalist download whitethorn person been published.”

The announcement besides states location is nary grounds of personally identifiable accusation (PII) aliases financial information being exposed this way, but Cisco is continuing its investigation.

“Out of an abundance of caution, we person abnormal nationalist entree to nan tract while we proceed nan investigation.”

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

But IntelBroker disagrees that location was nary breach. Speaking to BleepingComputer, they said they gained entree to a Cisco third-party developer situation done an exposed API token. They besides told nan publication that they had entree to Cisco’s developer environment, and moreover shared screenshots arsenic proof.

“While Cisco continues to opportunity that nary systems were breached, everything we person seen does bespeak that a third-party improvement was breached, allowing nan threat character to bargain data,” nan publication concluded.

Via BleepingComputer

More from TechRadar Pro

Cisco investigates breach aft information put up for waste connected BreachForums
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology