Data Security, Threat Intelligence, Cloud Security

Massive Cisco breach claimed by ShinyHunters

Cisco Logo on a Modern Office Building

Cisco had over three million Salesforce records with personal information, AWS buckets, GitHub repositories, and other corporate information allegedly stolen by the ShinyHunters hacking operation across three separate cyberattacks, Cybernews reports.

Analysis of the screenshots supplied by ShinyHunters, which began issuing extortion demands on Mar. 31, included an image of the AWS EC2 Volumes console potentially showing more than 100 virtual storage drives purportedly having hundreds of gigabytes of data. Another image showed an AWS S3 bucket list purportedly owned by the U.S. tech giant. While ShinyHunters' assertions require additional verification, such a breach is believed by Cybernews researchers to be the same as the Trivy-related hack reported by BleepingComputer to have resulted in the exfiltration of several AWS keys and the cloning of its GitHub repositories.

"This incident can be damaging to the company's customers, and the main risks are confidential data exposure in general. Data from customers would give attackers a foothold to plan further attacks, and the personally identifiable information could be useful for social engineering, fraud, and other scams," said researchers.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds