Particle.news
Download on the App Store
5 ARTICLES
·
last wk.

Cisco Addresses Vishing Breach That Exposed Cisco.com User Profiles

Enhanced security training is underway following the CRM intrusion that exposed basic Cisco.com user profiles.

HOSPITALET DE LLOBREGAT, BARCELONA, SPAIN - 2023/02/27: The CISCO brand logo during the Mobile World Congress Barcelona 2023. Mobile World Congress (MWC) Barcelona 2023 is the largest and most influential event in Spain, where technology, community, and commerce converge. In 2023, MWC aims to bring together 80,000 people and generate an economic impact of about 350 million in the city. (Photo by Ramon Costa/SOPA Images/LightRocket via Getty Images)
Cisco hacked
Cisco data breach exploited employee via vishing call

Overview

  • Cisco traced the July 24 breach to a voice-phishing call that tricked an employee into granting access to a third-party cloud CRM.
  • The attacker exported basic profile data for Cisco.com users, including names, organization names, addresses, Cisco-assigned IDs, email addresses, phone numbers and account metadata.
  • Cisco confirmed that no organizational customers’ confidential information, passwords or other sensitive data were compromised and no other CRM instances were affected.
  • The company has terminated the unauthorized access, notified data protection authorities and affected users, and launched a formal investigation.
  • Security experts warn the incident is linked to a broader wave of Salesforce-focused extortion campaigns and underscores ongoing risks in third-party cloud platforms following last year’s IntelBroker DevHub leak.