"Cisco Confirms Security Incident After Hacker Offers to Sell Data"

Cisco recently confirmed that some of its files have been stolen after a hacker offered to sell information allegedly belonging to the company.  The hacker known as IntelBroker on October 14 announced a “Cisco breach” on a popular cybercrime forum.  IntelBroker claimed to have obtained GitHub and SonarQube projects, source code, hardcoded credentials, certificates, confidential documents, Jira tickets, API tokens, AWS private buckets, encryption keys, and other types of information.  IntelBroker also claimed to have obtained source code associated with major companies such as Microsoft, AT&T, Verizon, Chevron, BT, SAP, T-Mobile, and Bank of America. After learning of the claims, Cisco launched an investigation.  The probe is ongoing, and so far, Cisco said it was confident its own systems were not breached.  Instead, the company said the hacker obtained the data from a public-facing DevHub environment.  DevHub is a content management and marketing solution, and Cisco described the compromised environment as a resource center used to make available source code, scripts and other content for customers.

SecurityWeek reports: "Cisco Confirms Security Incident After Hacker Offers to Sell Data"