Cisco Confirms Data Breach After Being Outed by Cybergang

The hackers were able to gain access to Cisco’s system by duping one of its employees, and allegedly took 2.75GB of data.

Multinational company Cisco has become the latest cybercrime casualty after threat actors gained access to its servers via an employee’s personal Google account.

While the Silicon Vally company hasn’t reported suffering any major consequences from the breach, the cybercriminals — with links to the Lapsus$ and Yanluowang cybergangs — claimed to have retrieved over 3,000 files containing 2.75GB of company data.

Cisco hasn’t given into the extorter’s requests, but with phishing campaigns of this kind growing exponentially, it’s clear that companies need to do everything in their power to address employee negligence.

Cisco’s Suffered a Data Breach in May 2022

Cisco, the San Jose-based technology company, recently confirmed that it fell victim to a cybersecurity attack in May of this year.

The attackers are understood to have links to both the Lapsus$ and Yanluowan ransomware gangs. They were able to dupe a Cisco employee into accepting multi-factor authentication (MFA), which then allowed them to gain access to the virtual private network (VPN) of the targeted user.

From here, the bad actors were able to hijack the employee’s personal Google account and access Cisco’s login data through the worker’s synced browser. After entering the system, they used enumeration tools to collect information before getting kicked out by Cisco’s security team.

Cisco and the Hackers Disagree Over Data Loss

According to the company, no sensitive data was taken from the employee’s box folder and Cisco immediately took action to contain and eradicate the bad actors.

“Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.” – Cisco spokesperson

However, according to the hackers, Cisco’s public statement wasn’t entirely true. When reaching out to BleepingComputer, the attackers claimed that they stole over 3,000 files were stolen, including classified engineering drawings and non-disclosure agreements (NDAs). The files supposedly amount to around 2.75GB of stolen data.

The hackers have the evidence to back it up, too. They recently released information about the Cisco breach on their data leak site, and even posted a redacted NDA document, as proof of the attack.

How to Prevent Cases of Employee Negligence?

Unfortunately, the surprisingly low cost of phishing campaigns paired with poor cybersecurity awareness provides very lucrative opportunities for cybercriminals. Therefore, attacks of this kind are becoming all too common within the business landscape.

In fact, with over 69% of reported breaches involving data misuse by insiders, employee negligence continues to be the #1 cybersecurity threat to US businesses today. Luckily, companies can adopt a number of methods to minimize risks, here are just a few:

  • Implement a strict password policy – The majority of data breaches result from weak and inadequate passwords. By enforcing a strong password policy for all workers and using tools like password managers, password hacking can be kept to a minimum.
  • Make sure workers keep software updated – Outdated software provides hackers with an easy way to exploit vulnerabilities. To avoid this from happening, make sure your workforce regularly updates their antivirus software.
  • Train your staff about phishing – Hackers are able to make their phishing traps look pretty convincing. To make sure workers don’t fall for fake links, it’s important to train them to look out for suspicious requests.


Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Isobel O'Sullivan (BSc) is a senior writer at with over four years of experience covering business and technology news. Since studying Digital Anthropology at University College London (UCL), she’s been a regular contributor to Market Finance’s blog and has also worked as a freelance tech researcher. Isobel’s always up to date with the topics in employment and data security and has a specialist focus on POS and VoIP systems.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is's top-rated VPN service See Deals