cyber Ransomware

Cisco

Nov 12, 2023 1 min read
Cisco

Cisco has addressed a security flaw that allowed personal data to leak from the company's Professional Careers portal.

Cisco clarifies that just a small amount of information connected to job applications was stolen from the mobile version of the website in its email notification of the issue to the impacted individuals.

As to the security alert distributed by Cisco to its users, an erroneous security configuration on a third-party site following system repair was the cause of data leaking.

The information leaked by Cisco comprises personal details such as name, password, email address, phone number, security question answers, professional profile and educational background, cover letter, resume content, and other details.

Source: https://securityaffairs.com/53159/data-breach/cisco-data-leak.html

TPRM report: https://scoringcyber.rankiteo.com/company/cisco

"id": "cis1221121123",
"linkid": "cisco",
"type": "Data Leak",
"date": "11/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Cisco',
                        'type': 'Company'}],
 'attack_vector': 'Erroneous Security Configuration',
 'data_breach': {'personally_identifiable_information': ['name',
                                                         'email address',
                                                         'phone number',
                                                         'security question '
                                                         'answers'],
                 'type_of_data_compromised': ['personal details',
                                              'professional profile',
                                              'educational background',
                                              'cover letter',
                                              'resume content']},
 'description': 'Cisco has addressed a security flaw that allowed personal '
                "data to leak from the company's Professional Careers portal. "
                'The data leak occurred due to an erroneous security '
                'configuration on a third-party site following system repair.',
 'impact': {'data_compromised': ['name',
                                 'password',
                                 'email address',
                                 'phone number',
                                 'security question answers',
                                 'professional profile',
                                 'educational background',
                                 'cover letter',
                                 'resume content'],
            'systems_affected': 'Professional Careers portal'},
 'post_incident_analysis': {'root_causes': 'Erroneous Security Configuration'},
 'title': 'Cisco Professional Careers Portal Data Leak',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Security Misconfiguration'}
Published by
Roshni Ray
Roshni Ray
You might also like
Cyber Attack cyber

VetIS

public 1 min read
A cyberattack on the Mercury platform, part of Russia’s Federal State Information System for Veterinary Surveillance (VetIS), caused significant…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.