Thought Leadership
Following a vishing attack on an employee, cybercriminals obtained the registration data of Cisco.com users.
The US network specialist Cisco Systems was informed of an incident in which an attacker had targeted a Cisco employee via a voice phishing attack. As a result, the actor was able to access a third-party cloud-based CRM instance and export data stored there.
Basic account profile information exported
As Cisco announced in an official statement, the attackers were able to export basic account profile information from the affected CRM system. The company’s investigation revealed that the exported data mainly consisted of basic information from people who had registered a user account on Cisco.com.
The exported information includes names, organization names, addresses, user IDs assigned by Cisco, email addresses, telephone numbers and account-related metadata such as the creation date. Confidential or proprietary information of Cisco customers as well as passwords or other sensitive data types are not affected.
Access prevented after discovery
Cisco reacted after the incident was discovered and prevented the attackers from gaining further access to the system, the statement continues. The investigation carried out confirmed that the data outflow was limited to the registration details described. There was no impact on Cisco products or services or other CRM instances of the company.
Affected users and the relevant data protection authorities have already been notified. Cisco has announced extended protective measures and intends to train staff more in recognizing and fending off voice phishing attempts.
