Heimdal
Home > Cybersecurity News

Yanluowang Ransomware Gang Leaked Cisco Stolen Data

Cisco Confirms the Data Authenticity but Denies Any Impact on Its Business.

Last updated on September 13, 2022

article featured image

Contents:

The American technology giant, Cisco, confirmed that the data leaked by Yanluowang ransomware gang on September 11, 2022, is authentic.

The data now released on the dark web was stolen in a cyberattack in May, this year. The company’s network has been breached through the VPN account of an employee.

Cisco’s Take on the Attac

In an update to its initial declaration, the organization reiterates the fact that the stolen data do not contain important information, nor have any impact on the business.

The ransomware attack was stopped before the encryption began, and the data that the threat actors managed to exfiltrate supposedly are non-sensitive files from the employee’s Box folder.

“On September 11, 2022, the bad actors who previously published a list of file names from this security incident to the dark web, posted the actual contents of the same files to the same location on the dark web. The content of these files match what we already identified and disclosed.

Our previous analysis of this incident remains unchanged-we continue to see no impact to our business, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations”, says Cisco.

Hacker’s Take on the Attack

The hackers claim otherwise, pretending to have stolen 55GB of data that contains, among others, important technical documents and source code.

Yanluowang’s leader told BleepingComputer that they stole thousands of files amounting to 55GB and that the cache included classified documents, technical schematics, and source code.

The hacker did not provide any proof, though. They only shared a screenshot indicating access to what appears to be a development system.

Source

Cisco denies all this, sticking to the information already disclosed about the stolen data.

“We have no evidence to suggest the actor accessed Cisco product source code or any substantial access beyond what we have already publicly disclosed,” – says the company, according to BleepingComputer.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.

Related Articles

Cisco Confirms CyberattackThe Source Code of Paradise Ransomware Released on a Hacking ForumEverything You Need to Know About the WestRock Ransomware Attack

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE
linkedin
youtube
facebook
x

resources

company

newsletter

© 2024 Heimdal®

Vat No. 35802495, Vester Farimagsgade 1, 2 Sal, 1606 København V