Cisco Live 2010 attendee list hacked

Someone hacked the list of attendees for the recent Cisco Live 2010 users' conference, a security breach that led Cisco to notify the customers as well as a broader group who have dealings with the company.

Cisco says it won't release details about where the data was stored or how it was breached but sometime last Thursday afternoon a vendor told Cisco that someone had made "an unexpected attempt to access attendee information through ciscolive2010.com," the event Web site.

Interesting Data about Data Breaches

That lead to the general notification that Cisco sent to attendees and others who had been invited but did not attend. According to Cisco, details about less than 20% of those on the list were compromised.

Cisco says the breach was closed quickly, "but not before some conference listings were accessed." The compromised information consisted of Cisco Live badge numbers, names, titles, company addresses and e-mail addresses. "No other information was available or accessed," according to the warning Cisco Live's event team sent via e-mail Thursday.

The same information is accessible to Cisco's World of Solutions partners, vendors that exhibit their technology collaborations with Cisco at public events.

Apparently the unexpected access attempt might have been made by someone who was actually authorized to access it, but Cisco isn't sure. "As we cannot yet confirm the information was accessed by an authorized Cisco Live partner, we encourage you to consider the appropriate precautions to protect against any unwanted email," the warning reads.

Others besides those who attended the conference also received the notification e-mail from the Cisco Live 2010 staff, including Network World blogger Larry Chaffin, who raises questions about implications of the breach.

Cisco says it has taken measures to lock down the data and has no more to say about it. "Due to security and privacy considerations, we do not plan to release additional details," a Cisco spokeswoman wrote in response to e-mailed questions about the data breach.

In general, if certain categories of data are compromised, businesses responsible for the integrity of the data must by law notify the people whose data was exposed. Cisco says this was not the case here. "No, we were not required to do so but felt it was our responsibility to inform impacted attendees as quickly as possible," the spokeswoman wrote in response to an e-mailed question.

This is the text of the notice Cisco sent to the Cisco Live 2010 attendee list and those who were invited but did not attend:

"We hope you have returned home safely and are back into your normal routine after a busy week at Cisco Live 2010.

"We are contacting you because on the final afternoon of Cisco Live, one of our vendors identified an unexpected attempt to access attendee information through ciscolive2010.com. The ability to access this information was quickly removed, but not before some conference listings were accessed.

"Cisco Live takes the security of attendee information very seriously and immediately elevated this matter to our chief security officer. His team completed a thorough review and as a result we believe your registration information -- specifically your Cisco Live badge number, name, title, company address and email address -- was accessed. No other information was available or accessed.

"Although these details are commonly accessed by our World of Solutions partners and often freely provided by Cisco Live attendees, we felt it was our responsibility to inform you as quickly as possible. As we cannot yet confirm the information was accessed by an authorized Cisco Live partner, we encourage you to consider the appropriate precautions to protect against any unwanted email. Please accept our apologies for any inconvenience that may result and feel free to contact us directly at support@ciscolive2010.com if you have any additional questions or information.

"We hope you enjoyed your Cisco Live experience and we look forward to welcoming you to Las Vegas in 2011.

"Regards,

"Cisco Live 2010 Team"

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Or
Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securityciscodata breachCisco Live 2010

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Essentials

Mobile

Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >

Exec

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?