- A crook prompted a Cisco employee to grant access to a CRM
- The attacker then used access to data sensitive to exfiltrates
- The affected customers were informed “when the law required”
Cisco recently admitted from a cyber attack that has seen him lose a lot of customer data, including personally identifiable information (PII).
In a short announcement published on its website, the company revealed that a threat actor used vocal phishing (Vishing) to deceive a Cisco representative and access an instance of a customer relationship management system (CRM) based on the cloud (CRM).
After the intrusion, Cisco launched an investigation, which determined that the data of sensitive customers were extracted.
Passwords are safe
“Our survey determined that the exported data consisted mainly in basic account profile information of people who have registered with a user account on Cisco.com (name, organizational name, address, user ID assigned by Cisco, email address, telephone number and metadata linked to the account – such as the date of creation),” said Cisco.
“The actor has not obtained any of the confidential or owners of our organizational customers or password or other types of sensitive information. Cisco did not identify any impact on our products or services, and no other Cisco CRM body has been assigned. ”
Cisco said that affected users had been informed “when the law required”, but did not mention whether the data was used in the wild. Crooks can sell it on the Dark web, try to extort Cisco, use it to target business customers with designed and personalized phishing attacks.
Vishing is a form of phishing carried out by phone and generally revolves around the criminal convincing the victim, it is not a person, it is not (a computer technician, a bank employee or a government agent).
Knowing that individuals are or were Cisco customers, threat stakeholders can usurp the company and send emails that encourage victims to make payments, share connection identification information or download malware.
Cisco users should be wary of any incoming email, in particular those who claim to come from the company and bring a feeling of urgency with them.
