Cisco, one of the largest manufacturers of networking equipment and enterprise solutions in the world, is said to have fallen victim to a ransomware attack.
The cybercriminal group ShinyHunters claims to have compromised data from the ICT giant and to have in their possession more than 3 million records associated with Salesforce instances linked to the firm.
Additionally, the hackers claim to have gained access to code repositories on GitHub and possible deposits in cloud services like Amazon Web Services.
As part of their ‘booty,’ there would be CRM databases containing contact information of users and customers, such as names, email addresses, phone numbers, and other account metadata.
So far, Cisco has not issued a specific official statement in response to the threat from the gang.
From Digital Shield, we have contacted the communication department of the technology company, who declined to comment.
Rare Pokémon Hunters
ShinyHunters has been active since 2019 and has been involved in multiple data breaches at companies from various sectors, from social networks and digital platforms to telecommunications services and large corporations. Their name refers to the hunting of rare Pokémon (the “shiny Pokémon”) in video games, drawing an analogy with the search for valuable data.
Some arrests related to members or collaborators of the gang took place as part of an international operation in France last year, although it was not clear if they were all direct operators of the group or associates in data selling forums.
Among the most notable victims of ShinyHunters are Google, SoundCloud, Pornhub, Crunchbase, Harvard University, and the fashion group LVMH (which includes brands like Gucci, Dior, or Louis Vuitton).
Although their origin is not clear, some of their active members seem to be in Asia and Eastern Europe. The gang has also teamed up with others to collaborate and form the so-called ‘Chaos Triad.’
