Intel Broker Claims Major Cisco Breach, Selling Source Code and Confidential Data Linked to Global Firms
Intel Broker, a notorious hacker known for high-profile data breaches, has claimed responsibility for a major cyberattack on Cisco Systems, Inc. According to a post on the cybercrime platform Breach Forums, the hacker allegedly stole a significant amount of sensitive information, including source codes, credentials, and confidential documents from Cisco and its partners.
The breach reportedly took place on October 10, 2024, with the hacker’s post surfacing on Breach Forums on October 14, 2024.
What Was Stolen?
The Hackread.com research team reviewed the data listed by Intel Broker, which allegedly includes:
- Source Code: Projects from GitHub, GitLab, and SonarQube, central to Cisco’s development.
- Hard-Coded Credentials: Login information embedded directly within source code.
- Certificates & Encryption Keys: SSL certificates and private/public keys essential for secure communications.
- Confidential Documents: Internal files labeled as “Cisco Confidential.”
- API Tokens & Cloud Storage: Access tokens, along with AWS and Azure storage buckets.
- Additional Data: Docker builds, Jira tickets, and premium product information from Cisco’s portfolio.
Impact on Major Corporations
In addition to Cisco’s data, Intel Broker claims the breach exposed source code and sensitive information from several global corporations, particularly in the telecom, financial, and tech sectors:
- Telecom: Verizon, AT&T (USA and Mexico), British Telecom, T-Mobile (USA and Poland), Vodafone (Albania and Australia), and Turkcell.
- Financial: Bank of America, Barclays, and National Australian Bank.
- Tech and Healthcare: Microsoft, Liberty Global, and Dignity Health.
Stolen Data Offered for Sale
Intel Broker has put the stolen data up for sale on Breach Forums, accepting Monero (XMR), a cryptocurrency favored by cybercriminals for its strong privacy features. The hacker mentioned they are open to using a trusted middleman to handle the transaction, a common tactic to maintain anonymity for both buyer and seller and avoid law enforcement detection.
Unverified Claims and Ongoing Investigation
Hackread.com has reached out to Cisco for an official statement regarding the alleged breach, but no response has been provided at the time of writing. If verified, this breach could have far-reaching consequences for Cisco and its partners, raising concerns over potential misuse of the compromised data.
The severity of the claims highlights the growing threat of cyberattacks targeting major corporations and the need for robust cybersecurity measures across all sectors.