Attackers who phished Cisco downloaded user data from third-party CRM

Cisco has reported a security incident involving one of its representatives who fell prey to a voice phishing attack. This breach enabled attackers to access and download user profile information from a third-party customer relationship management (CRM) system. The company stated that the compromised data primarily contained basic account details of individuals who had registered for accounts on Cisco.com. This includes names, organization names, addresses, assigned user IDs, email addresses, phone numbers, and metadata related to account creation. Fortunately, Cisco assured that no sensitive information was exposed during this incident, including confidential data, passwords, or proprietary information. Additionally, the investigation revealed no signs of other CRM systems being compromised, nor were any of Cisco's products or services affected. Voice phishing has become a significant threat vector for ransomware groups and other malicious actors, enabling them to infiltrate even the most secure organizations. These attackers often employ a variety of communication methods, such as emails, voice calls, push notifications, and text messages, tailoring their approaches to mimic legitimate internal authentication processes. High-profile companies like Microsoft, Okta, Nvidia, Globant, Twilio, and Twitter have also been targeted through similar tactics.