Cisco has announced a data breach affecting users registered on Cisco.com, following a voice phishing (vishing) attack targeted at one of its employees.
The incident was discovered on July 24, 2025, when Cisco confirmed that attackers tricked an employee into granting access to a third-party CRM system used by the company.
The exposed information was limited to basic account profile details—such as names, email addresses, phone numbers, organization names, addresses, user IDs, and metadata like account creation dates. Importantly, Cisco affirmed that no passwords, proprietary corporate data, or confidential customer information were accessed. Additionally, no other CRM systems or internal products and services were compromised.
Cisco acted swiftly: it immediately terminated the attacker’s access, launched a detailed investigation, and notified affected users and relevant data protection authorities. The company also began retraining employees on how to recognize and prevent vishing attacks.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
