A data leak posted by IntelBroker on December 25th via BreachForums has been verified as authentic by Cisco. This follows an earlier leak this month of 2.9 GB of files. The files contain sensitive materials such as cryptographic signatures, internal project archives, and source code.
Allegedly a misconfiguration in the DevHub platform inadvertently made the files publicly accessible. The misconfiguration has since been corrected by Cisco. This serves as a continuing reminder that properly configuring cloud and third-party services is essential to maintaining the Confidentiality – Integrity – Availability triad!
More reading available here!