Overview
- A July 24 voice phishing call tricked a Cisco representative into granting an attacker access to a third-party cloud-based CRM system.
- Threat actors exfiltrated names, organization names, addresses, Cisco-assigned user IDs, email addresses, phone numbers and account metadata from Cisco.com user profiles.
- Cisco confirmed that no passwords, proprietary customer data or other CRM instances and products were compromised.
- Upon discovery, the company revoked the actor’s access, notified data protection authorities and impacted users and launched a comprehensive investigation.
- The full number of affected accounts and any ransom demands remain under review as Cisco implements enhanced security measures.