- A scammer tricked a Cisco employee into giving access to a CRM
- The attacker then used the access to extract confidential data
- Affected clients were notified “when the law required”
Cisco has recently admitted suffering a cyber attack that saw it lose a lot of customer data, including personally identifiable information (PII).
In a brief announcement published on its website, the company revealed that a threat actor used voice phishing (vishing) to deceive a Cisco representative and obtain access to an instance of a third-party, cloud-based customer relationship management (CRM) system that it uses.
After the intrusion, Cisco launched an investigation, which determined that confidential customer data had been extracted.
Passwords are safe
“Our research has determined that the exported data mainly consisted of the basic account profile information of the people who were recorded for a user account on Cisco.com (name, organization name, address, user ID assigned by Cisco, email address, telephone number and metadata related to the account, such as the creation date),” said Cisco.
“The actor did not obtain any of the confidential or patented information of our organizational clients, or any password or other confidential information. Cisco did not identify any impact on our products or services, and no other instance of Cisco CRM was affected.”
Cisco said the affected users were notified “when the law required”, but did not mention whether the data had been used in the wild. Crooks can sell it on the dark web, try to extort Cisco or use it to target the company with personalized and convincing phishing attacks.
Vishing is a form of phishing performed by phone, and generally revolves around the criminal convincing the victim that they are someone they are not (an IT technician, a bank employee or a government agent).
Knowing that individuals are, or were, Cisco customers, threat actors can impersonate the company and send emails that deceive victims into making payments, sharing login credentials or downloading malware.
Cisco users must be careful with incoming emails, especially those that claim to come from the company and carry a sense of urgency.