Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen.
The compromised information includes cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.
A redacted NDA agreement that was obtained in the attack was also supplied to BleepingComputer by the threat actors as evidence of the incident and a "hint" that they had infiltrated Cisco's network and taken files.
They immediately took action to contain and eradicate the bad actors.
TPRM report: https://www.rankiteo.com/company/cisco
"id": "cis0217922",
"linkid": "cisco",
"type": "Ransomware",
"date": "6/2017",
"severity": "80",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Technology',
'name': 'Cisco',
'type': 'Company'}],
'data_breach': {'data_exfiltration': '2.8GB',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Cisco products or services',
'Sensitive customer data',
'Sensitive employee information',
'Intellectual property',
'Supply chain operations']},
'description': 'Cisco experienced a ransomware attack by the Yanluowang gang, '
'resulting in the alleged theft of 2.8GB of data.',
'impact': {'data_compromised': ['Cisco products or services',
'Sensitive customer data',
'Sensitive employee information',
'Intellectual property',
'Supply chain operations']},
'motivation': 'Data theft and ransom',
'ransomware': {'data_exfiltration': '2.8GB',
'ransomware_strain': 'Yanluowang'},
'references': [{'source': 'BleepingComputer'}],
'response': {'containment_measures': ['Took action to contain and eradicate '
'the bad actors']},
'threat_actor': 'Yanluowang ransomware gang',
'title': 'Cisco Hacked by Yanluowang Ransomware Gang',
'type': 'Ransomware'}