Key Takeaways
- Cisco is looking into allegations of illegal access to client and business information.
- As a precaution, the business briefly shut down its DevHub portal that was accessible to the public.
- The business acknowledges that some files were accessed.
After a threat actor claimed to have used a programming interface weakness to obtain company and customer data, Cisco opened an investigation into a possible cybersecurity issue.
Publicly acknowledging the incident, the networking business emphasized that it takes these kinds of claims seriously and that it has enlisted law authorities to help with the investigation.
Cisco’s Reaction to Threat Actor’s Claims
When a hacker named IntelBroker claimed to have obtained access to Cisco’s developer environment by using an unprotected API token, the event became well-known.
Cisco’s public DevHub, a third-party resource center that provides clients with software code and scripts, is connected to this environment. Azure storage buckets, GitHub projects, source codes, and more are among the data affected.
Concerns over the security of Cisco’s developer resources were raised when IntelBroker allegedly tried to sell stolen data and source code on internet forums.
Although Cisco acknowledged that a small number of data points that were not meant for public download had been viewed, the company said in an updated statement that there is no proof of a breach in its systems.
Consequently, the DevHub website is no longer accessible to the general public. However, current results indicate that no financial or sensitive personal data has been compromised. Cisco is still looking into the incident’s extent.
Significantly, IntelBroker revealed that they had now completely lost access to Cisco’s resources, saying, “Cisco finally revoked all our access.” Shut down our SSH access, Maven hub, and Docker.
Previously, the hacker had released screenshots that they claimed to have taken from Cisco’s developer materials.
Cisco maintains that its systems have not been compromised in spite of these allegations, and it has advised clients who have any concerns to get in touch with its Product Security Incident Response Team (PSIRT) for support.
Constant Difficulties for Tech Firms
This occurrence is consistent with more general cybersecurity issues. Cisco’s cybersecurity readiness index, which polled 8,000 business and security executives in the private sector, was published in late March.
According to the research, only 3% of firms globally have the “mature” level of cybersecurity preparation required to withstand contemporary hazards, down from 15% the year before, and 54% had experienced a cyberattack in the past year.
