Cisco has disclosed the takedown of its public-facing DevHub portal, which was determined to contain the non-public information exposed by IntelBroker last week, according to BleepingComputer.
"At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published," said Cisco, which emphasized that none of its systems have been compromised and that users' personal and financial data remain intact. Such a development comes after IntelBroker admitted leveraging a leaked API token to breach a Cisco third-party developer environment, allowing the exfiltration of source code, SQL files, technical files, and configuration files with database credentials, as well as persistent access until being blocked by Cisco on Friday. IntelBroker has also reiterated that he has no plans to extort the tech firm. "I wouldn't trust a threat actor if they asked for money not to leak my stuff, so they shouldn't either," said IntelBroker.
