Cisco has opened an investigation into a possible cybersecurity incident and taken down its DevHub portal as a precautionary measure. On October 18, 2024, the company confirmed that it is investigating reports that a “rogue actor” allegedly gained access to certain Cisco and customer data. The problem he appeared on a well-known forum frequented by cybercriminals under the title “Cisco Data Breach”. The post says “Hello BreachForums Community. Today, I am selling the Cisco breach that happened recently (10/6/2024). Violated by @IntelBroker @UsuárioArmasEnergéticas & @EnergyWeaponUser & @zjj“.
In response to these allegations, Cisco declared that there is currently no evidence of a breach in its systems. However, the company acknowledged that a “small number of files that were not authorized for public download may have been published” in its public DevHub environment.
The portal serves as a resource center for customers, providing software code and scripts for their use. As part of the investigation, Cisco disabled public access to the DevHub website. The company also hired police authorities to assist with the matter, demonstrating the seriousness with which they are treating the situation.
Although Cisco maintains that no sensitive personal information or financial data appears to have been compromised, they are continuing the investigation to confirm the extent of the potential data exposure. The company has committed to notifying customers directly if it is determined that unauthorized persons have obtained their confidential information.
Cisco has asked customers with questions to contact the Product Security Incident Response Team (PSIRT) at
[email protected]
See the original post at: CisoAdvisor