286/68 Thursday, August 7, 2025
On July 24, 2025, Cisco disclosed a data breach involving a third-party-managed Customer Relationship Management (CRM) system. The breach was caused by a vishing (voice phishing) attack, in which a malicious actor impersonated a trusted individual and contacted a Cisco employee via phone, ultimately gaining access to a subset of user account information registered through Cisco[.]com.
Cisco confirmed that the breach only affected basic user information, such as names, email addresses, and phone numbers. No sensitive data – including passwords or business customer information – was compromised. Additionally, Cisco’s internal systems and products were not impacted. Upon discovering the incident, the company immediately revoked the attacker’s access, notified relevant authorities, and contacted affected users.
Cisco also stated that it is enhancing its security measures, including providing additional employee training to improve awareness of vishing tactics and prevent similar incidents in the future. The company emphasized, “Every security incident is an opportunity to learn and strengthen our resilience, ultimately helping to secure both our organization and the broader cybersecurity community.”
Notably, this breach follows a separate claim in October 2024 by the hacker group IntelBroker, which alleged it had stolen data from Cisco’s DevHub and posted it for sale on underground forums. That incident reportedly included source code, access keys, API tokens, and confidential internal documents.
