Cisco Experienced a Security Breach – Cybercriminals Obtained User Profile Information from Cisco.com

Cisco has confirmed that it was the target of a cyberattack, resulting in the theft of basic profile information from an undisclosed number of users registered on Cisco.com. The breach occurred after an employee fell victim to a sophisticated voice phishing, or “vishing,” attack, which the company became aware of on July 24, 2025. While the incident did not compromise sensitive information such as passwords, financial details, or confidential corporate data, it highlights the increasing threat of social engineering tactics aimed at employees as a means to access corporate systems. The attacker successfully manipulated a Cisco representative, gaining unauthorized access to a third-party, cloud-based Customer Relationship Management (CRM) system, from which they exported a dataset containing basic account details, including names, organisation names, physical addresses, Cisco-assigned user IDs, email addresses, and phone numbers.

Upon discovering the breach, Cisco’s security team acted swiftly to terminate the attacker’s access and initiated a full investigation to assess the incident’s scope. The company emphasised that the intrusion was limited to one specific CRM system, with no other internal systems, products, or services affected. Cisco affirmed that the attacker did not obtain any confidential or proprietary information from organisational customers, nor any passwords or sensitive data. In compliance with regulatory requirements, Cisco has engaged with relevant data protection authorities and is notifying affected users as mandated by law. The company views this incident as a critical learning opportunity to enhance its cybersecurity measures, focusing on re-educating personnel to recognise and defend against vishing attacks. Cisco issued an apology for any inconvenience caused, encouraging customers and partners to remain vigilant.