Cisco Systems Inc has offered a sincere apology to all its users who were affected by its Professional Careers portal data leak. Cisco Job portal where the data leak occurred serves as a platform to connect qualified job seekers to join one of the best Fortune 100 companies. The jobs include Big data, Cloud, Mobility & Wireless, OpenStack, Security, Datacenter technology, Information Technology, Engineering hardware, and software.
The American Multinational company which offers High technology products and services said that the vulnerability which leaked truckloads of personal info was fixed in the weekend and measures are put in place to curb such events in future on a permanent note.
The California giant has informed all its affected users via email in which it stated that “a limited set of job applications related data”, was leaked by the mobile version of the website due to an incorrect security setting placed by a system maintenance 3rd party website.
As per the email statement, Cisco’s unprotected security settings were in place between Aug’15 to Sept’15 and again from July to August 2016.
The exposed data includes real and login names, passwords, physical and email addresses, phone numbers, answers to security questions, users’ education and professional background, achievements, cover letters and such.
Cisco has also urged its job portal users to change their passwords immediately and said that the disclosure was made official and public as a part of its commitment to trust and transparency.
Although the company assures that the info did not land up in wrongful hands, security experts say that the damage cannot be readily foreseen and can only be estimated in future, as the leaked data can most probably act as a fodder to social engineering attacks.
After this personal data leak, Cisco has allowed its users to place a free 90-day fraud alert on their account- based on their preference and willingness.