Networking and telecommunications giant Cisco has confirmed that it is investigating claims of a data breach after allegedly stolen data appeared online.
A well known cybercriminal known by the screen name ‘IntelBroker’ claims to have accessed Cisco’s systems on the 6th of October 2024. In a post on Breach Forums, a cybercriminal forum, the hacker alleged that the stolen data he accessed contained ‘Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!’.
IntelBroker did not confirm how he was able to access the Cisco data but did share screenshot samples that included customer information and screenshots of internal management portals.
Cisco is a leading provider of networking hardware, software and telecommunications equipment. They are responsible for massive amounts of valuable personal and company data, making them an attractive target to cyber scammers.
Any leaked information would not only be damaging to their reputation, it would likely impact major stakeholders whose product codes would be compromised, allegedly including, according to IntelBroker, financial institutions like the Bank of America and Barclays.
The list of organizations compromised also includes critical government infrastructure in America including the Air Force, Army and FBI.
The telecommunications giant has not yet confirmed the results of its ongoing investigation into the potential breach.
What To Do if Your Data Was Compromised in the Cisco Data Breach?
Although Cisco have not yet confirmed the data breach it can be distressing if a potentially compromised organization has access to your business or personal data. However, there are steps you can take to mitigate any potential impact and protect your personal information.
Be sure to monitor your financial accounts, especially if they are housed in allegedly affected institutions. This might involve employing a credit monitoring service or manually keeping an eye on each account. If you are particularly concerned most banks will allow you to temporarily freeze your credit, cards or accounts with immediate effect. Ensure that if you do notice any suspicious activity report it to your bank as soon as possible.
Your information being compromised can make you a target for social engineering and phishing scams. These scams will leverage your exposed information to impersonate legitimate institutions and convince you to hand over money or additional details. It is particularly important to remain skeptical of anyone asking you for information, even if they look legitimate.
To add an extra layer of security to your accounts enable multi-factor authentication. MFA requires you to provide multiple pieces of evidence to verify your identity when you log in, rather than just a password. Even if threat actors have been able to access your password they would not be able to pass verification without further authentication.