Cisco Alerts Customers After Hacker Accesses Non-Public Files

Cisco has informed a select group of customers about unauthorised access to certain files following a cyber incident disclosed in October. The technology giant has consistently denied experiencing a breach but revealed on 18 October that a threat actor downloaded data from its public-facing DevHub platform, which provides software code and scripts to customers.

In a recent update, Cisco acknowledged that “a limited set of CX Professional Services customers” were affected and have been notified directly. The company stated, “In the event that we identify further customer files, we will notify the relevant customers,” urging those with concerns to contact their account teams.

This announcement comes in the wake of claims made by a hacker on a cybercrime forum on 14 October, who shared allegedly stolen technical documents and source code from multiple Fortune 500 companies. Over the weekend, the hacker claimed on social media that Cisco offered $200,000 to retract the post, a proposal they refused. In response to inquiries, a Cisco spokesperson reiterated the company’s earlier statements.

Following the hacker’s claims, Cisco has been cooperating with law enforcement and confirmed that there was no breach of sensitive personal or financial information. However, the company has since restricted access to the site from which the hacker obtained the documents and compiled a list of files believed to have been downloaded during the incident.

Cisco explained that while most content on DevHub is intentionally public, some files were mistakenly published due to a configuration error, which has since been rectified. The company continues to assess the content of the accessed files and has assured that no information could enable access to its production environments.