A hacker has leaked data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total amount of files that was taken.
The notorious hacker IntelBroker announced in October that he and others had breached Cisco systems and obtained source code, certificates, credentials, confidential documents, encryption keys and other types of information. The hacker claimed to have obtained source code associated with several major companies.
Cisco’s investigation showed that its systems had not been breached and that the data was actually obtained from a public-facing DevHub environment that serves as a resource center from where customers can obtain source code, scripts and other content.
The networking giant noted that while a majority of the data hosted in the DevHub environment was public, the hackers also obtained some files that were not intended for public download and were inadvertently published on the site due to a configuration error. The downloaded data included files related to some CX Professional Services customers.
Cisco initially said it had no evidence that confidential information such as sensitive personal information or financial data was compromised, but it has since removed this statement from its incident reports.
IntelBroker on Monday made available 2.9 Gb of data obtained from the Cisco DevHub instance, claiming that the leaked files pertain to Cisco’s Catalyst, IOS, Identity Services Engine (ISE), Secure Access Service Edge (SASE), Umbrella and WebEx products.
The leaked data, posted on the BreachForums cybercrime forum, includes JavaScript, Python and other source code files, as well as certificates and library files.
The hacker claims to have downloaded 4.5 Tb of data from the DevHub instance. IntelBroker previously claimed that a total of 800 Gb of files were obtained, but the hacker is known to make claims that turn out to be exaggerated.
Advertisement. Scroll to continue reading.
SecurityWeek reached out to Cisco last month for clarifications on the amount of data that was taken, but the company did not respond.
In response to IntelBroker’s new leak, Cisco said on Tuesday that it’s aware of the hacker’s posts and the company believes the files they reference are the ones previously identified during its investigation.
“As noted in prior updates, we are confident that there has been no breach of our systems, and we have not identified any information in the content that an actor could have used to access any of our production or enterprise environments,” Cisco said on Tuesday.
Related: Nokia Says Impact of Recent Source Code Leak Is Very Limited
Related: Amazon Employee Data Leaked by Hacker
Related: 760,000 Employee Records From Several Major Firms Leaked Online