Cisco says that private information not too long ago downloaded by a risk actor from a misconfigured public-facing DevHub portal do not comprise info that might be exploited in future breaches of the corporate’s techniques.
Whereas analyzing the uncovered paperwork, the corporate discovered that their contents embrace knowledge that Cisco publishes for patrons and different DevHub customers. Nonetheless, information that should not have been made public have been additionally out there, some belonging to CX Skilled Companies prospects.
“To date, in our analysis, we have decided {that a} restricted set of CX Skilled Companies prospects had information included and we notified them instantly,” Cisco mentioned.
“Our groups have listed and proceed assessing the content material of these information, and we proceed to make regular progress. Now we have not recognized any info within the content material that an actor may have used to entry any of our manufacturing or enterprise environments.”
Cisco has since corrected the configuration, restored public entry to the DevHub web site, and says that internet serps didn’t index the uncovered paperwork.
This replace comes after Cisco confirmed final month that it took its public DevHub web site offline (a useful resource middle for patrons the place it publishes software program code, templates, and scripts) after a risk actor leaked what the corporate described on the time as “personal” knowledge.
The corporate added that it discovered no proof that any monetary knowledge or private info had been uncovered or stolen from the general public DevHub portal earlier than it was taken offline.
IntelBroker (the risk actor behind the leak) instructed BeelpingComputer in addition they allegedly gained entry to a Cisco JFrog developer setting by an uncovered API token.
Screenshots and information the risk actor shared with BeelpingComputer confirmed they gained entry to supply code, configuration information with database credentials, technical documentation, and SQL information.
Whereas Cisco says its techniques have not been breached, info shared by the risk actor signifies that in addition they breached a third-party growth setting, permitting them to steal knowledge.
BleepingComputer contacted Cisco with additional questions on IntelBroker’s claims, however the firm has not replied.