IntelBroker leaked Cisco data: 2.9 GB of confidential information in the public domain

18 December 2024 1 minute Author: Newsman

On December 16, 2024, the IntelBroker hacker released 2.9 GB of data stolen from Cisco’s public DevHub portal. The leak was part of a wider breach involving about 4.5 TB of data. Criminals including “@zjj” and “@EnergyWeaponUser” exploited an open API token vulnerability to gain access to sensitive information.

Stolen data includes:

  • Source code of projects from GitHub, GitLab and SonarQube.
  • Hard-coded credentials, certificates and API tokens.
  • Cisco documents, Docker builds, SSL certificates.
  • AWS and Azure cloud storage.
  • Cisco encryption keys and premium products.

The hackers first announced the breach on BreachForums and published the data, including files related to Cisco IOS XE & XR, Cisco Webex, and Cisco Umbrella, to back up their claims. IntelBroker also claimed that the stolen data included information from companies such as Microsoft, AT&T, Bank of America and Vodafone.

Cisco acknowledged this, but said its mission-critical systems were not affected. The leak occurred due to a misconfiguration of the DevHub portal, which provides developers with access to resources such as code and APIs. The company temporarily shut down access to DevHub and cooperated with law enforcement and cybersecurity experts. Cisco emphasized that the stolen data did not contain any financial or personally identifiable information (PII).

Other related articles
News
Read more
Two men arrested for flying drone near Boston airport
Main text Two men were arrested for flying a drone near Boston's Logan Airport. The incident is part of a growing crisis over unidentified aerial objects (UFOs) that are shutting down airports and military bases in the United States. Government officials are calling for improved drone surveillance technology to ensure safety.
70
News
Read more
Pornhub has been banned in Florida
### Florida's new age verification law will block Pornhub starting in January 2025. Aylo, which owns the platform, says these measures pose a privacy risk and are ineffective. Similar laws are already in place in other states, which has resulted in reduced traffic and users switching to unsafe platforms. This has sparked a debate about child protection and online privacy.
77
Found an error?
If you find an error, take a screenshot and send it to the bot.