The operator expressed confidence that none of its systems had been breached, but disabled access to the public-facing environment while it continues to investigate the breach.
Subscribe today for free
“Cisco will engage directly with customers if we determine they have been impacted by this event,” the company said in an update.
A trio of hackers led by the notorious IntelBroker stole Cisco data last week and posted samples, including screenshots of customer management portals, on forums.
The hackers claim to have gotten away with a trove of data, including buckets from AWS and Microsoft Azure, API tokens, source code, and SSL certificates, among other items.
However, Cisco claims that only a “small number of files that were not authorised for public download” were among the items the hackers have published.
“As of now, we have not observed any confidential information such as sensitive PII or financial data to be included but continue to investigate to confirm,” the company said.
IntelBroker spoke with BleepingComputer and claimed to have gained access through a Cisco third-party developer environment thanks to an exposed API token.
Cisco has since opted to pause access to DevHub “out of an abundance of caution.”
RELATED STORES
Cisco hit by major breach: Hackers steal confidential data and source code
AT&T agrees $13 million fine for 2023 data breach
T-Mobile virtual machine logs allegedly exposed in Capgemini data breach