In May, Cisco suffered a cyberattack from the Yanluowang ransomware gang. A previous report from the BleepingComputer said that the threat actors had stolen 2.75GB of data from the company.
"Cisco experienced a security incident on our corporate network in late May 2022, and we immediately took action to contain and eradicate the bad actors," said a Cisco spokesperson, as cited by the BleepingComputer.
Now, Cisco has confirmed that Yanluowang ransomware leaked the data that the group stole during a previous attack.
Leaked Stolen Data Has No Impact on Cisco's Business
Despite the leak, the company maintained its claim that "the leak does not change the initial assessment that the incident has no impact on the business," as per the latest report of the BleepingComputer.
According to Cisco, the hackers posted "actual contents" on the dark web on September 11, 2022, and the files matched what the company previously "identified and disclosed."
However, despite the threat of the hackers' action, Cisco said that "we continue to see no impact to our business."
Furthermore, the company claimed that the leak of stolen data has no effect on Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.
In May, the Yanluowang hackers used a Cisco employee's stolen credentials in order to access the company's network.
The hackers hijacked the employee's personal Google account that contained credentials, which were synced from their browser.
The Yanluowang threat actors tricked the Cisco employee into accepting multi-factor authentication (MFA) push notifications. With this, the hackers gained access to the VPN.
When the company discovered the breach, it took immediate action to contain and eradicate the bad actors, Cisco said in a statement, as per Intelligent Cisco.
Read Also: Soccer Club Manchester City, Cisco are Working on a Smart Scarf That Can Track a Fan's Reactions
Yanluowang Ransomware Gang Claims They Have Stolen 55GB of Data From Cisco
Earlier reports claimed that the threat actors stole 2.75 GB of data consisting of 3,100 files. However, a recent report from the BleepingComputer stated that the Yanluouwang's leader claimed that they managed to steal around 55GB of files.
The stolen files include cache plus classified documents, technical schematics, and source code, as per the BleepingComputer.
Despite the claim of Yanluowang, the group wasn't able to give any proof of their declaration.
The hacker only presented a screenshot that shows "access to what appears to be a development system." However, the BleepingComputer said they could not confirm the accuracy of the screenshot provided by the gang.
Meanwhile, Cisco said that the intruders were not able to "exfiltrate or access any source code."
The company said that they have no evidence showing that the threat actors gained access to its product source code.
Likewise, Cisco said that there is no "substantial access beyond what we have already publicly disclosed."
A report linking Yanluowang, "Evil Corp" (UNC2165), and FiveHands ransomware (UNC2447) was published by the research team at cybersecurity company eSentire last month.
But according to the BleepingComputer, Yanluowang gang claimed that they did not work with any other group when they breached Cisco.
Related Article: Cisco Confirms Data Breach by Yanluowang Ransomware Gang