The ShinyHunters extortion group claims to have breached Cisco Systems, Inc., a major American multinational digital communications technology conglomerate. The threat actor alleges that they have successfully executed three separate breaches, compromising environments associated with UNC6040, Salesforce Aura, and the company’s AWS accounts. Screenshots provided as proof of the breach show unauthorized access to an AWS Management Console for the Cisco Crosswork Network Controller, detailing hundreds of internal storage volumes. The group has issued a strict deadline, demanding that the company reach out by April 3, 2026, or face a public data leak alongside further disruptive actions.
According to the actor, the allegedly compromised data includes over 3 million Salesforce records containing:
-
Personally Identifiable Information (PII)
-
GitHub repositories
-
AWS buckets
-
Internal corporate data
Daily Dark WebRead More
R1
T1
