Cisco confirmed on Tuesday that a cybercriminal successfully executed a voice phishing, or “vishing,” attack to compromise a company representative, resulting in the unauthorized access and theft of personal information from Cisco.com users.
The Anatomy of the Vishing Attack
The security breach was identified by the networking giant on July 24. According to the company’s official disclosure, the attacker manipulated a Cisco employee via phone, tricking them into granting system access. This allowed the perpetrator to export a subset of user data directly from a third-party, cloud-based Customer Relationship Management (CRM) platform.
Data Exposed in the Incident
The stolen information contains sensitive profile metadata, though Cisco has not disclosed the exact number of impacted accounts. The compromised data fields include:
- Full names and organization names
- Physical addresses
- Cisco-assigned user IDs
- Email addresses and phone numbers
- Account-related metadata, including account creation dates
Part of a Growing Trend
This incident mirrors a series of recent cyberattacks targeting enterprise data stored within Salesforce environments. As reported by Bleeping Computer, similar tactics have previously impacted major organizations, including Allianz Life, Tiffany & Co., and Qantas. Given that Cisco is a documented user of Salesforce services, security analysts are highlighting the risks associated with third-party cloud data management.
Cisco’s Response
Despite the severity of the breach, Cisco spokesperson Carro Halpin declined to provide specific figures regarding how many customers were affected. The company continues to investigate the scope of the exposure originating from the third-party CRM system to prevent further unauthorized access.