IT, networking, and cybersecurity solutions giant Cisco has admitted suffering a security incident targeting its corporate IT infrastructure in late May 2022. On August 10, the firm stated that an employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. Bad actors published a list of files from this security incident to the dark web, Cisco added.
“The incident was contained to the corporate IT environment and Cisco did not identify any impact to any Cisco products or services, sensitive customer data or employee information, Cisco intellectual property, or supply chain operations,” the company said. Cisco claimed it took immediate action to contain and eradicate the bad actor, which it has linked to notorious threat group LAPSUS$. It also said that it has taken the decision to publicly announce the incident now as it was previously actively collecting information about the bad actor to help protect the security community.
Leer másCSO Online