Insights & Analyses

Job applicant names, addresses, passwords, more leak from Cisco – One World Identity

November 9, 2016

Job seekers hoping to find employment at networking and telecom giant Cisco may have instead had sensitive personal information leaked into the wild, including usernames, passwords, and even answers to security questions.

Cisco has alerted prospective job candidates of the potential data breach, in which highly sensitive information may have been accessed by third parties. The company did not disclose how many people may have been affected.

Information made accessible was said to include names, addresses, usernames, passwords, answers to security questions, gender, veteran status, disability, and more. Also possibly a part of the leak was personal information about employment or education that the applicant included in their resume or cover letter.

Cisco, known as a global leader in cybersecurity solutions, does not believe the insecure information was misused. However, the company did warn all affected people who applied via its Cisco Professional Careers Website.

Affected applicants are advised to change their passwords for any other websites that might use the same credentials.

Data breaches involving customers, end users and employees are becoming relatively common, though Cisco’s lapse with job applicants who don’t even work there is a new twist on cybersecurity concerns. Other recent high-profile hacks include data being stolen from 1.5 million Verizon Enterprise Solutions customers, and when 700 Snapchat employees all fell victim to a phishing scheme, providing Social Security numbers and wage data.

According to the Breach Level Index, more than 5 billion data records have been lost or stolen since 2013. Only 4 percent of breaches were classified as “secure breaches,” where encryption was used and the stolen data was rendered useless.