Cisco has confirmed that 4 GB of data leaked by a hacker is authentic and related to a recently disclosed security incident. The tech giant revealed that a hacker had leaked more data stolen from a Cisco DevHub instance. This data originated from a previously disclosed security incident announced on October 14, where hackers obtained source code, certificates, credentials, confidential documents, encryption keys, and other types of information.
Cisco clarified that its systems had not been breached directly. Instead, the data was taken from a public-facing DevHub environment intended to serve as a resource center providing source code, scripts, and other content to customers. While much of the data from this DevHub instance is already public, Cisco admitted that some of the files obtained by the hackers were not supposed to be public.
Hacker leaks data from Cisco DevHub
Initially, the hacker claimed to have obtained 800 GB of files but later updated the claim to 4.5 TB of data taken from the DevHub environment. By mid-December, the hacker had made roughly 3 GB of this data available, and on Christmas Day, another batch of files totaling more than 4 GB was leaked.
This data includes source code, scripts, digital certificates, and configuration files related to Cisco products. Following the second leak, Cisco analyzed the data and confirmed that it “aligns with the known data set from October 14, 2024.” According to the company, there has been no breach of their systems, and they have not identified any information in the content that could be used to access any of their production or enterprise environments. Previously, Cisco stated that there was no evidence sensitive personal information or financial data was compromised.
However, this statement has since been removed from their incident reports.
