Info Data Leak

Cisco Looks into Possible Data Leak but Says Internal Systems Are Safe

SecurityOnline

Threat Actor: Unknown | unknown
Victim: Cisco Systems | Cisco Systems
Price: Not applicable
Exfiltrated Data Type: Limited files (no sensitive PII or financial data)

Key Points :

  • Cisco is investigating unauthorized access to data on a public-facing DevHub environment.
  • Initial reports suggested a breach of internal systems, but Cisco confirmed this is not the case.
  • The data in question was found on a resource center intended for community support, not internal systems.
  • A small number of files not authorized for public download may have been inadvertently exposed.
  • No sensitive personally identifiable information (PII) or financial data has been identified among the exposed files.
  • As a precaution, Cisco has temporarily disabled public access to the DevHub during the investigation.
  • Cisco will communicate directly with customers if they determine any have been impacted by this incident.

Cisco Systems is currently investigating an alleged unauthorized access to data housed on a public-facing DevHub environment. While initial reports suggested a potential breach of Cisco’s internal systems, the company has confirmed this is not the case.

In a security incident report updated on October 18th, Cisco stated:

Based on our investigations, we are confident that there has been no breach of our systems. We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables us to support our community by making available software code, scripts, etc. for customers to use as needed.”

The DevHub, designed to provide resources for the Cisco community, may have inadvertently exposed a limited number of files not intended for public consumption. Cisco assures that, “At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published.”

The company is diligently working to identify the nature of the potentially exposed files. While no sensitive personally identifiable information (PII) or financial data has been found among them, the investigation remains ongoing.

As a precautionary measure, Cisco has temporarily disabled public access to the DevHub.

Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event.”

Related Posts:

Original Source: https://securityonline.info/cisco-investigates-potential-data-exposure-confirms-no-breach-of-internal-systems/

Tags: LEAK, BREACH, FINANCIAL