Cisco said that one of its representatives fell victim to a voice phishing attack that allowed threat actors to download profile information belonging to users of a third-party customer relationship management system.
“Our investigation has determined that the exported data primarily consisted of basic account profile information of individuals who registered for a user account on Cisco.com,” the company disclosed. Information included names, organization names, addresses, Cisco assigned user IDs, email addresses, phone numbers, and account-related metadata such as creation date.