CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches

Cisco Says User Data Stolen in CRM Hack

Cisco has disclosed a data breach affecting Cisco.com user accounts, including names, email address, and phone numbers. The post Cisco Says User Data Stolen in CRM Hack appeared first on SecurityWeek.

Cisco hacked

Cisco has disclosed a data breach impacting a third-party customer relationship management (CRM) system. 

The incident came to light on July 24, when Cisco learned that one of its representatives had been targeted in a vishing attack. The threat actor had managed to access and steal a “subset of basic profile information” from an instance of a third-party CRM system used by Cisco. 

The networking giant immediately took steps to terminate the hacker’s access to the CRM system. An investigation determined that the attacker obtained information provided by individuals who registered an account on Cisco.com.

The compromised information includes name, email address, phone number, organization name, address, a Cisco-assigned user ID, and metadata related to the account (eg, account creation date).

Cisco said the hacker did not obtain any confidential or proprietary information belonging to its organizational customers. Passwords or other types of sensitive data were also not affected. 

“Cisco did not identify any impact to our products or services, and no other Cisco CRM instances were affected,” Cisco said.

Impacted users have been notified, as well as data protection authorities. 

“Every cybersecurity incident is an opportunity to learn, strengthen our resilience, and help the wider security community,” Cisco said. “We are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks.”

This is not the only data breach suffered by Cisco recently. In December 2024, the notorious hacker IntelBroker leaked gigabytes of files, including source code, scripts, digital certificates, and configuration files pertaining to Cisco products.

Cisco confirmed the data was authentic, but said its systems had not been breached — the data was taken from a public-facing DevHub environment that served as a resource center for customers. While much of the data from this DevHub instance had already been public, some of the stolen files were not supposed to be public.

Related: Cost of Data Breach in US Rises to $10.22 Million, Says Latest IBM Report

Related: Tea App Takes Messaging System Offline After Second Security Issue Reported

Related: NASCAR Confirms Personal Information Stolen in Ransomware Attack

Latest News

CYBERNEWSMEDIAPublisher