September 13, 2022

The data recently leaked by the Yanluowang ransomware gang was stolen from the company’s network during a cyberattack in May, according to Cisco. However, the company claims that the leak does not change its initial assessment that the incident has no impact on the business.

According to Cisco, on September 11, 2022, malicious actors who had previously posted a list of file names from the security incident to the dark web published the exact content of the exact files to the same place on the dark web. The contents of these files correspond to what has already been revealed.

Although Cisco denies that the attackers have accessed the source code, it announced in August that the Yanluowang ransomware had broken its network after hackers had gained access to the VPN account of an employee.

Among the stolen information were also non-sensitive files from the box folder of the employee, and the attack was stopped before the ransomware could start encrypting systems.

Yanluowang claimed the opposite. According to their leader, they stole thousands of files with a total capacity of 55 GB, including secret information, technical schematics and source code. However, the hacker provided no evidence. They only shared a screenshot of what appears to be a development system.

The source for this piece includes an article in Bleepingcomputer.