Cisco Hacked - User Data Stolen

The leading multinational technology conglomerate Cisco Systems, best known for its networking hardware, software and telecommunications equipment, was first made aware of a hacking incident on July 24th. A criminal actor had targeted a Cisco representative through a voice phishing attack, also called vishing.

According to reports, the hacker was able to access and export a subset of basic profile information from one instance of a third-party, cloud-based Customer Relationship Management (CRM) system that Cisco uses. 

This is a further embarrassing incident involving penetration of Cisco infrastructure; the most notable came earlier this year, when Salt Typhoon hackers gained access to core US telecoms infrastructure through Cisco devices, then used that infrastructure to extract information.

On discovery that the hacker had access to that CRM system, it was immediately isolated and Cisco commenced an investigation, which has now determined that the exported data primarily consisted of basic account profile information of individuals who registered for a user account on Cisco.com.

This included their name, organisation name, address, Cisco-assigned user ID, email address, phone number, and account-related metadata, such as creation date.

The company said that the intrusion was isolated to one specific CRM system and that no other internal systems, products, or services were affected. It says the hacker did not obtain any of its organisational customers’ confidential or proprietary information, or any passwords or other types of sensitive information. Cisco has engaged with data protection authorities and notified affected users where required by US law.

Cisco say they are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks.

The company issued an apology for the incident. “We apologise for any inconvenience or concern that this incident may have caused,” Cisco stated, encouraging customers and partners with further questions to get in touch with their designated account teams for support.

Cisco   |   Security Week  |   Bleeping Computer  |   Security Affairs  |  Cybersecurity News   
