Share this article on:
Threat actors have claimed a cyber attack on US technology multinational Cisco, claiming to have exfiltrated data belonging to a number of major organisations.
Cisco is a network hardware and software manufacturer, best known for the production of its routers.
In a post on a popular cyber crime forum, threat actor IntelBroker said it gained access to Cisco’s systems on 6 October, stealing large amounts of data belonging to it and its customers.
Data allegedly includes “Github projects, Gitlab Projects, SonarQube projects, source code, hard-coded credentials, certificates, customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!”
IntelBroker listed a handful of companies that allegedly “had their production source codes taken”, including Vodafone Australia, National Australia Bank (NAB), Microsoft, Bank of America, AT&T, and more. Cyber Daily has not been able to verify these claims.
The threat actor also provided a full list of customers, which includes more companies from Australia and around the globe, including Allianz (Accenture), Australian Red Cross Blood Service, Ascension Health, Reserve Bank of Australia, the Australian Department of Defence, NSW Health, NSW Rural Fire Service, Queensland Health, Rio Tinto, EU Parliament, Fairfax Media, FBI, Google, Samsung, IBM, KPMG, US Ministry of Defence, and hundreds more.
It is unclear whether the companies in this list have been affected by the cyber attack or if the list is purely just Cisco’s customers. However, the Australian Red Cross Blood Service, which was only listed as a customer, appeared in the sample data.
Cyber Daily has reached out to NAB, which said it was aware of the incident and has reached out to Cisco for further information.
Cyber Daily has also contacted both Vodafone Australia and the Australian Red Cross Blood Service for more information.