Cisco

Summary

On 6 October 2024, threat actor Intel Broker claimed a cyberattack on Cisco alleging exfiltration of data from major organizations including NAB, Vodafone Australia, Microsoft, Bank of America, AT&T, Australian Red Cross Blood Service, Reserve Bank of Australia, Department of Defence, and NSW Health. The claimed stolen data included GitHub/GitLab projects, source code, credentials, AWS/Azure buckets, and keys. Cisco investigated but found no evidence their systems were impacted. In December 2024, IntelBroker leaked 2.9GB of allegedly Cisco data from DevHub as part of a claimed 4.5TB breach. Claims remain unverified.

What Happened

IntelBroker, working with EnergyWeaponUser and zjj, claimed they breached Cisco's systems and exfiltrated customer production source code and confidential data from numerous organizations. The full alleged customer list included Australian government agencies, financial institutions, healthcare providers, and multinational corporations.

Impact on Individuals

If authentic, the breach would have exposed source code, credentials, and confidential documents from critical Australian infrastructure including defense, health, banking, and government systems. The specific number of affected individuals was not disclosed.

Organisational Response

Cisco engaged law enforcement and investigated but found no evidence of their systems being compromised. The claims remain unverified.