I, along with thousands of others, received an interesting e-mail from Cisco this morning warning me that details about me seem to have wound up in the hands of unauthorized people. Cisco Subnet editor, Julie Bort, also received an e-mail tip from a reader about the situation. You know I have many thoughts and opinions to share, but before I get into that, here's the e-mail in full.
UPDATED 07-09-10: I have updated this post with a response from Cisco below. Here's a link to Network World's news story, too.
Please note that I didn't attend Cisco Live this year.
Dear larry chaffin,
We hope you have returned home safely and are back into your normal routine after a busy week at Cisco Live 2010.
We are contacting you because on the final afternoon of Cisco Live, one of our vendors identified an unexpected attempt to access attendee information through ciscolive2010.com. The ability to access this information was quickly removed, but not before some conference listings were accessed.
Cisco Live takes the security of attendee information very seriously and immediately elevated this matter to our chief security officer. His team completed a thorough review and as a result we believe your registration information – specifically your Cisco Live badge number, name, title, company address and email address – was accessed. No other information was available or accessed.
Although these details are commonly accessed by our World of Solutions partners and often freely provided by Cisco Live attendees, we felt it was our responsibility to inform you as quickly as possible. As we cannot yet confirm the information was accessed by an authorized Cisco Live partner, we encourage you to consider the appropriate precautions to protect against any unwanted email.
Please accept our apologies for any inconvenience that may result and feel free to contact us directly at firstname.lastname@example.org if you have any additional questions or information.
We hope you enjoyed your Cisco Live experience and we look forward to welcoming you to Las Vegas in 2011.
Cisco Live 2010 Team
But here are some interesting questions sent in by a reader, a CCIE, who got this e-mail and also neither registered for nor attended Cisco Live this year.
Has the CCIE database been hacked?
The notice from Cisco regarding the highly embarrassing data breach at Cisco Live is straightforward on the surface. However, there are a few things to consider. Several states have laws requiring the notification of people whose personal information has been stolen, so it certainly makes sense that Cisco would email those whose data might have been stolen. This notice seems to imply that the data stolen belongs to attendees at Cisco Live.
So why notify a CCIE who hasn't registered for, nor attended, Cisco Live?
Could it be that some of the data stolen includes the CCIE list? And if so, who stole the CCIE list?
Could it be that the CCIE list was stolen by a headhunter? Or maybe a Cisco competitor?
Should CCIEs be expecting recruitment pitches, or some special offer from a Cisco competitor?
Has the Cisco CCIE database been stolen, and if so, is Cisco trying to cover it up?
For my part, I find the following statement in the e-mail to be, at the very least, questionable. "Although these details are commonly accessed by our World of Solutions partners and often freely provided by Cisco Live attendees, we felt it was our responsibility to inform you as quickly as possible."
As I mentioned, I myself did not make it to Cisco Live this year as Cisco waited until the last week to tell me I had a press pass (disclosure: this and other factors from Cisco led me to drop Cisco as a partner last week), but that did not stop my information from being accessed (or, to use another word, "stolen") in connection with Cisco Live.
I am just amazed that a company this size has something like this happen at their own event. In the email that Cisco sent me it says that the security officer's "team completed a thorough review and as a result we believe your registration information – specifically your Cisco Live badge number, name, title, company address and email address – was accessed. No other information was available or accessed."
Note that Cisco is telling me that they “believe” they know what information was accessed, which means that they also believe they know that “no other information was accessed.” How can Cisco tell me that? Also in the e-mail it states “Although these details are commonly accessed by our World of Solutions partners ...” Are they giving out access to a database of all the information?
UPDATED 07-09-10: I heard back from Cisco today. My question was: Why does Cisco give information to World of Solutions partners, based on this line in the email? Answer: "Cisco does not release attendee information to World of Solutions partners; however, registration information such as name, company and email address is commonly accessed by World of Solutions partners when attendees offer their badges for scanning in the partner booths," Kristin Carvell, Cisco Corporate PR. <end updated information>
To me, it just proves a point. Cisco used to be about routing, switching and security. Now it is about trying to make a copy of the iPad, video everywhere and CTOs who seem to Twitter all day long. I feel as if Cisco has become a marketing machine that twists and turns words to make a good pitch to the Cisco faithful, thinking they have to be into everything. But as I tell my customers around the world, “it is better to do five things really freaking well than to do 20 things average.” Cisco has lost their way with their base, but maybe this embarrassing security problem will make them re-focus again on the things that made them great.
Posted by Cisco Subnet editor Julie Bort.
Larry Chaffin Ph.D is the Chief Executive Officer/Chairman and founder of Pluto Networks, a Consulting and VAR partner specializing in WAN acceleration, VoIP, WLAN, telepresence and security.
Pluto Networks is a Riverbed reseller. Pluto was previously a Cisco reseller but in June, 2010, ended its reseller relationship with the company and is no longer a Cisco channel partner.
Pluto Networks specializes in the needs of small, large and enterprise companies by always giving them a great ROI on the products they sell. Pluto Networks has a presence in 23 countries around the world enabling all of its consultants to be virtual. Larry was a Judge at Interop for the Best of Interop Awards for 2009.
Larry has also co-authored all of the books listed below:
Managing Cisco Secure Networks, Skype Me, Practical VOIP Security, Configuring Check Point NGX VPN-1/Firewall-1, Configuring Juniper Networks NetScreen & SSG Firewalls, Essential Computer Security: Everyone's Guide to Email, Internet, and Wireless Security, How to Cheat at Microsoft Vista Administration, Microsoft Vista for IT Security Professionals, Asterisk Hacking, 2008 VoIP and Video Conferencing, Infosecurity 2008 Threat Analysis and author of Building a VOIP Network with Nortel's MS5100, along with co-authoring/ghost writing eleven other technology books for VoIP, WLAN, security and optical technologies. Larry is currently working on a follow-up to the Building a VoIP Network with Nortel's MCS 5100 book as well as new books on Cisco Telepresence Networks, Practical VoIP case studies and WAN Acceleration with Riverbed.
Larry also has more than 29 vendor certifications and has been working on many others. Larry has been a principal architect around the world in 22 countries for many Fortune 100 companies designing VoIP, security, wireless and optical networks. He has expanded over time also to include application acceleration. Larry is now working with a worldwide company out of Asia as a Special Assistant to the CEO and CIO as they go through organizational and network changes, helping them with strategic advice from his years of experience.
Pluto Networks is a channel partner of LifeSize, Riverbed, Call Copy, Fastsoft and Symantec.