Thread regarding Cisco Systems Inc. layoffs

Cisco VPN debacle

So last friday we were all told to change passwords within 24 hrs. There was a breach. Since Monday, thousands of cisco people could not get vpn or duo to authenticate so for 4 days, many could not access our internet sites, tools, etc. only webex and email. Internal support has not publicly addressed or communicated anything. Waited 2 hrs on hold for internal support. They could not give a date on resolution! Now we know how out customers feel about our cr-p software and product support!

by
| 8561 views | | 50 replies (last ) | Reply
Post ID: @OP+1h3CJ0S6

50 replies (most recent on top)

I know little about legal part. With my limited knowldge, If there is not data leak on the sensitive information (like PII, PCI), a company need not to inform the regulatory board. If any sensitive information has been breached/leaked then the company should inform the regulatory board in 24 hours ( Could be more) .we haven't heard anyting in news so we have not disclosed anyting to regulatory yet. But I am wondering what it has to do with the legal and regulation to provide an interim update about the on-going even in our company please?....not doing so - may lead to unnecessary speculations - I think this is more damaging than an update from ELT? isn't it?. I came from a small company and it was like a family but I don;t know how big corporate works. Hope they are not trying to hide or manage (manipluate) the story before disclosing.

by
| | Reply
Post ID: @1bew+1h3CJ0S6

You do know there could be legal reasons as to why they wouldn't\couldn't tell employees, right? I'm sure things will be made clear in some amount of time but I've been wrong in the past

by
| | Reply
Post ID: @1ngi+1h3CJ0S6

Post ID: @1hwl+1h3CJ0S6

May you kindly advice why a company ask their all employees to reset password two times in a week please? Breach doesn't mean a company lost all its assets, there are different stages in a breach (MITRE ATT&CK steps)...I have strong feeling that Infosec team might have discovered something unusual in the corporate network - which advancing towards to become a major breach. having said that, we never heard anything from our ELT. As usual, ELT is well trained to suprress the internal issues and project us as the best to external world. - To end with a joke - even if someone managed to access confidential data, and If they were engineering data - Am sure the attackers were very disappointed with our progresss. Only they could find on IP routing & Merchant silicon :-)

by
| | Reply
Post ID: @1bcr+1h3CJ0S6

“ So last friday we were all told to change passwords within 24 hrs. There was a breach. ”

Totally fabricated statement. Yes, we are told to change passwords but the email did not mention anything about any breach - that part is invented by OP. OP is lying.

by
| | Reply
Post ID: @1hwl+1h3CJ0S6

Employees are not d-mb, if the company is so big on being open and trying to tackle bigger social issues, then telling it’s employees of the reason why they can not connect to work should not be a big deal.

by
| | Reply
Post ID: @1kta+1h3CJ0S6

The illusion of employee trust

by
| | Reply
Post ID: @1klk+1h3CJ0S6

Inside job

by
| | Reply
Post ID: @1ptp+1h3CJ0S6

I just got a email to change my password yet again after I already changed it…..

by
| | Reply
Post ID: @1gys+1h3CJ0S6

So no real work could be done, just another day in the number 1 software company

by
| | Reply
Post ID: @1hkr+1h3CJ0S6

Just call TAC - they'll fix it for sure.

by
| | Reply
Post ID: @mgj+1h3CJ0S6

Post a reply

: