Intel Broker claims a major data breach at Cisco, allegedly stealing source code, confidential documents, and credentials from global firms like Verizon, AT&T, Microsoft, and more. Data is now for sale on Breach Forums.
Intel Broker, a hacker notorious for high-profile data breaches, is claiming to have breached the technology giant Cisco Systems, Inc. In a post on the cybercrime platform Breach Forums, the hacker stated that the breach enabled them to steal a massive amount of sensitive information from Cisco’s systems.
According to the hacker, the alleged data breach took place on October 10, 2024, while the Breach Forums post was published earlier today on October 14, 2024.
What Was Allegedly Stolen?
As seen by the Hackread.com research team, Intel Broker has listed a massive amount of data that was allegedly stolen in the breach, including:
- Source Code: Projects from GitHub, GitLab, and SonarQube, critical to Cisco’s development efforts.
- Hard-Coded Credentials: Sensitive information like login details embedded in source code.
- Certificates and Keys: SSL certificates, and public and private keys crucial for secure communications.
- Confidential Documents: Internal documents and information classified as “Cisco Confidential.”
- API Tokens and Storage Buckets: AWS private buckets, Azure storage buckets, and API tokens that could be used to access critical systems.
- Other Sensitive Information: Jira tickets, Docker builds, and Cisco premium products are also listed.
Impact on Major Corporations
Intel Broker also shared a list of companies whose production source code was allegedly taken during the breach. The list includes several high-profile firms, particularly in the telecommunications and financial sectors, such as:
- Telecom Companies: Verizon, AT&T (USA and Mexico), British Telecom, T-Mobile (USA and Poland), Vodafone (Albania and Australia), and Turkcell.
- Financial Institutions: Bank of America, Barclays, and National Australian Bank.
- Tech and Health: Microsoft, Liberty Global, and Dignity Health.
Data for Sale
Intel Broker is offering the stolen data for sale in exchange for Monero (XMR), a cryptocurrency known for its privacy features. The hacker indicated that they are open to using a middleman to facilitate the transaction, ensuring anonymity for both the buyer and seller. This method is a common practice among cybercriminals to avoid detection and tracking by authorities.
Unverified but Serious Claims
At the time of writing, Hackread.com, which first spotted the hacker’s claims, has reached out to Cisco for comment, but no official response has been given. The breach, if confirmed, could have major consequences for Cisco and the affected companies, raising concerns about the extent of the damage and the potential exploitation of the compromised data.
Intel Broker and Previous Breaches
Intel Broker is known for high-profile data breaches. In June 2024, the hacker claimed to have breached Apple Inc., stealing source code for internal tools. The same hacker boasted about breaching AMD (Advanced Micro Devices, Inc.) and stealing employee and product information.
In May 2024, Intel Broker hacked Europol, a breach that the agency later confirmed. Some of the hacker’s previous data breaches are listed below:
- Tech in Asia
- Space-Eyes
- Home Depot
- Facebook Marketplace
- U.S. contractor Acuity Inc.
- Staffing giant Robert Half
- Los Angeles International Airport
- Alleged breaches of HSBC and Barclays Bank
Although the hacker’s origins and affiliates are unknown, according to the United States government, Intel Broker is alleged to be the perpetrator behind one of the T-Mobile data breaches.
Nevertheless, these claims regarding the Cisco data breach show the cybersecurity risks faced even by large organizations. As more details emerge, the scale of this breach and its potential fallout will be closely watched.