Cisco Web Site Breached
Beginning early Wednesday, registered users who tried to log in were greeted with a page that began "Cisco has determined that Cisco.com password protection has been compromised." The warning said that all passwords had been reset as a precaution, and then instructed users to e-mail Cisco for their new password. Failing an answer in five minutes, users were told to call technical support.
One Cisco user who contacted TechWeb reported that he had followed those instructions, and when he hadn't received an e-mail with his new password after 45 minutes, phoned technical support. There he said he was told that the system had suffered a "security breach" and that Cisco was working on the problem.
A Cisco spokesman wouldn't confirm or deny that a breach took place.
"A potential vulnerability was reported by a third party that could expose passwords for registered users," said Cisco's John Noh. "We researched and fixed the problem, and as a precautionary measure, reset all passwords.
"We don't believe any passwords were compromised," he added.
Calls to Cisco's toll-free technical support line were on longer-than-usual hold times due to the volume of calls from users seeking information and new passwords. Because of that, Cisco said in a security advisory posted to its Web site, "registered Cisco.com users may experience delays in receiving the new passwords."
Noh couldn't offer a timeline when users might receive their new passwords, but said all levels of the company were working on its "as quickly as possible."
This is the second black eye for Cisco in as many weeks. Last Wednesday, a former researcher with Internet Security Systems (ISS) spoke at the Black Hat conference and revealed new exploit techniques on existing vulnerabilities within Cisco's routers and switches. Cisco sought, and was given, an injunction to muzzle the researcher, and took a public relations beating at the hands of security researchers and analysts.
Cisco denied that Wednesday's password gaffe could be traced to a Cisco product vulnerability.
"This incident does not appear to be due to a weakness in Cisco products or technologies," the company said in a statement.