Cisco Investigates Potential Security Breach

byRohit Published:
Key Takeaways

  • Cisco is looking into claims that someone may have accessed customer and company data without permission.
  • As a safety measure, they temporarily took down their public DevHub portal.
  • The company has confirmed that some files were accessed.


    • Cisco Investigates Potential Security Breach

    Cisco is currently investigating a possible security issue after a hacker claimed to have gotten into company and customer data by exploiting a vulnerability in their programming interface.

    The well-known networking company made the situation public, emphasizing how seriously they take the matter. They’ve already brought in law enforcement to help with the investigation.


    Hacker's Claims and Cisco’s Response

    The issue came to light when a hacker, known as IntelBroker, claimed they breached Cisco’s developer environment by using an exposed API token. This environment connects to Cisco’s public DevHub, where customers can find software codes and scripts. The data reportedly affected included source codes, GitHub projects, Azure storage, and more.

    IntelBroker allegedly tried to sell the stolen data on online forums, which sparked concerns about the security of Cisco’s developer resources.

    Cisco, however, has responded with a measured approach. They’ve stated that while some files were accessed, there’s no evidence of a system-wide breach. The files that were accessed weren’t meant to be publicly available, but they were not highly sensitive or personal.

    As a precaution, they’ve disabled public access to their DevHub site. So far, they haven’t found any proof that personal information or financial data was compromised, but they’re still looking into it.

    In a notable update, IntelBroker admitted their access to Cisco’s resources had been completely revoked, stating, “Cisco finally revoked all our access. Closed our Docker, Maven hub, and SSH access.” Before this, the hacker had even shared screenshots showing what they claimed was their access to Cisco’s developer resources.

    Despite these bold claims, Cisco stands by its statement that there has been no breach of its core systems. They’ve encouraged any concerned customers to reach out to their Product Security Incident Response Team (PSIRT) for further guidance.


    Ongoing Challenges for Tech Companies

    This incident is part of a broader challenge faced by tech companies in cybersecurity. Just recently, in March, Cisco published its Cybersecurity Readiness Index, surveying 8,000 security and business leaders in the private sector.

    The findings are concerning. More than half (54%) reported that they had experienced a cyberattack in the last year. Even more troubling is the fact that only 3% of organizations worldwide are considered to have a "Mature" level of cybersecurity readiness. This is a significant drop from 15% the previous year, showing just how much work still needs to be done in the fight against cyber threats.


    It’s clear that cybersecurity is an ongoing battle, not just for Cisco, but for the entire tech industry. While Cisco works hard to protect its systems and its customers, incidents like this show how relentless the threats can be. But with their swift action and commitment to transparency, Cisco shows they’re ready to face these challenges head-on.

    Tags:

    You might like

    View all
    Previous Post Next Post
    Share to other apps
    Copy Post Link