Cisco has confirmed that a cybercriminal successfully tricked one of its reps over the phone, giving them access to user data stored in a third-party system tied to Cisco.com accounts.
The breach was discovered on July 24. According to Cisco, the attacker used a voice phishing (“vishing”) tactic to impersonate someone authorized, convincing an employee to grant access. Once in, they pulled a subset of user profile data stored in a cloud-based customer relationship management (CRM) platform.
The stolen data includes names, company names, user IDs, email addresses, phone numbers, physical addresses, and metadata about account activity. While that may not sound like high-value information on its own, in the wrong hands, it’s a goldmine for phishing campaigns, social engineering attacks, and identity theft.
Related: SonicWall Urges Firewall Users to Disable VPN Amid Rising Ransomware Attacks
Cisco did not reveal how many users were affected. When pressed by reporters, a spokesperson declined to comment on numbers.
The hack appears to be part of a broader campaign targeting Salesforce data. Other big names recently hit include Allianz Life, Tiffany & Co., and Qantas, all of whom use Salesforce, as does Cisco. It is another reminder that even tech giants can slip, and that phishing remains one of the most effective tools in a hacker’s playbook. If you’re a Cisco.com user, it might be time to double-check your account security settings.
