IT giant Cisco, which makes networking hardware, software, and telecommunications equipment, recently faced a major data breach, the company disclosed on Friday.

A Cisco representative fell victim to a voice phishing or “vishing” attack, when a caller pretends to be a legitimate individual or organization, and tricked the employee over the phone to obtain the personal information of Cisco.com users.

Related: ‘Largest Data Breach in History’: Apple, Google, and Meta Passwords Reportedly Among 16 Billion Stolen in Massive Hack

The bad actor was able to access and export a subsection of profile information from Cisco’s cloud customer management system. They stole data from individuals who had registered for a Cisco.com account, including customer names, organization names, addresses, email addresses, and phone numbers.

Cisco discovered the breach on July 24. The company stated that the data breach did not affect passwords or impact any of its products or services. It added that it notified affected customers where required by law and talked to data protection authorities.

“We are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks,” Cisco stated in the disclosure.

Cisco declined to provide details of the breach to TechCrunch, including how many users were impacted by it. The company has more than 300,000 global customers. Cisco had a market value of $268 billion at the time of writing, with its stock up over 14% year-to-date.

Related: AT&T Customers Are Eligible for Up to $5,000 in a New Settlement. Here’s What to Know.

Cisco uses Salesforce to manage customer relationship data, and this incident was one in a series of recent attacks that impacted Salesforce customers. For example, U.S. insurance company Allianz Life uncovered a data breach last month that exposed the personally identifiable information of the majority of its 1.4 million customers, including addresses, dates of birth, and Social Security numbers.

Two of the company’s customers, Cheryl Marotta and David Werner, filed a class action lawsuit on Tuesday related to the breach, alleging that Allianz failed to safeguard their personal information because the data was unencrypted and stored in one database.

Another company, Australian airline giant Qantas, also underwent a data breach on June 30, which impacted the personal information of more than six million customers. The bad actor called one of the company’s call centers and used the call to steal information like names, phone numbers, and dates of birth.

^{Join top CEOs, founders and operators at the Level Up conference to unlock strategies for scaling your business, boosting revenue and building sustainable success.}

Last week, social network Tea experienced a that exposed personal information for its users. The dating safety app for women said at the time that “there is no evidence to suggest that current or additional user data was affected.” However, 404 Media reports that the problem is bigger than originally stated. The site credits independent security researcher , who found that content from the platform as recent as last week has been exposed.

Additionally, this source claims that the compromised information could allow hackers to view messages between Tea users. DMs might include other sensitive information, such as personal phone numbers, discussions of cheating and experience obtaining abortions. 404 Media claims this is a second leak of personal information at Tea, separate from the database posted on 4chan last week.

Tea’s security issues come during a surge in popularity. The app allows women to anonymously share personal stories about their dating experience, with the intended goal of letting others know if the men they are meeting might be a risk to their personal safety, were engaged in catfishing, or were already in a relationship.

We’ve reached out to Tea for confirmation of whether this is a second breach or a part of the previously reported leaked data.

Indian grocery delivery startup KiranaPro’s recent data loss story has more holes than Swiss cheese, as the startup remains unclear whether the incident was an internal breach or an external hack.

Last week, the Bengaluru-based startup discovered that it could not access its back-end servers and that all its data, including its app code, had been deleted from GitHub. The startup on Friday blamed a former employee for the breach. However, in an interview, KiranaPro co-founder and CEO Deepak Ravindran conceded that the company had not deactivated the employee’s account after they departed the company and cannot rule out the possibility of subsequent malicious misuse of their account.

“If we go deeper, we have to do a real forensic investigation. We are going to talk [about] this with our board, the investors, and we are going to get a formal opinion on that also with our legal advisers,” Ravindran told TechCrunch.

Earlier on Friday, Ravindran claimed in a post on X that the incident that affected its data was an internal breach.

“After careful investigation, we conclude that this was not a hack. No external party penetrated our ordering or payment systems, exploited vulnerabilities, or bypassed security protocols,” he wrote.

The co-founder also explicitly shared a screenshot of a LinkedIn profile of one of KiranaPro’s former employees on X on Thursday, alleging that they had deleted the startup’s code. (TechCrunch is not sharing the post’s link, as the startup has yet to offer concrete proof supporting its position.)

“[T]his was an internal data breach. Specifically, it was the result of actions taken by a trusted internal employee who had legitimate access to our systems,” the co-founder wrote in his post on Friday. “This individual intentionally deleted critical server logs while they were being tested and/or edited, an action that goes directly against our policies, our principles, and the trust we place in our team.”

When TechCrunch asked if KiranaPro could rule out whether any third party had maliciously gained access to the former employee’s account, Ravindran could not.

“We have to do a complete forensic check on the company. We have to do the entire IP scan. We have to look at where the tracks happened. We have to check the computers, MacBooks, and whatever is used. Everything has to be done. Then we have to spend money … so, that’s why we decided not to,” he told TechCrunch.

Then what was the basis of Ravindran’s allegation? It was a GitHub response, a copy of which he shared with TechCrunch.

The response included a username, which Ravindran said was associated with the former employee.

“All we have is the emails that we got from GitHub, stating that [the former employee’s username] as an individual is the one who deleted the account. We haven’t done the investigation further,” Ravindran told TechCrunch.

Former employee’s account was never offboarded

Launched in late 2024, KiranaPro operates as a buyer app on the Indian government’s Open Network for Digital Commerce. The startup allows more than 55,000 customers in 50 cities to purchase groceries from their local shops and nearby supermarkets using its voice-based interface. The company also supports local language inputs, including English, Hindi, Malayalam, and Tamil.

Ravindran stated that they decided to call out the former employee based on the company’s “belief system,” as they claim the former employee deleted the data after their sudden termination.

However, the startup said it is not aware if there were enough protections on the former employee’s devices, such as multi-factor authentication, to restrict malicious third-party access, like malware.

The company confirmed it did not remove the employee’s access to its data and GitHub account following his departure.

“Employee offboarding was not being handled properly because there was no full-time HR,” KiranaPro’s chief technology officer, Saurav Kumar, confirmed to TechCrunch.

Company restores AWS account and GitHub data

Alongside its code saved in GitHub, KiranaPro also lost access to its Amazon Web Services (AWS) account, which included its customer data and their transaction details.

Ravindran told TechCrunch that the GitHub data was restored after getting its backup from one of their employees. The startup also regained access to its AWS account along with its customer data.

Both the co-founder and CTO said the AWS account was protected by multi-factor authentication, but neither could say how the account was accessed, as nobody else had physical access to Ravindran’s phone, which generates the multi-factor code.

Nonetheless, Ravindran claimed that the customer data stored in the AWS cloud remained intact and was not accessed by any third parties, nor was it downloaded by the former employee in question.

“Because if that is the case, I will get its notification on email or anything [sic],” he said.

That said, Ravindran stated that the startup has enough evidence to file a formal complaint with the police, but said that its investigation is ongoing.

The startup has also not fully paid its current employees, the company’s co-founder confirmed, soon after the company raised a seed round of ₹100 million Indian rupees (about $1.2 million), which Ravindran said has yet to be fully wired.

The startup counts Blume Ventures, Unpopular Ventures, and Turbostart among its institutional venture backers, as well as Olympic medalist PV Sindhu and Boston Consulting Group managing director Vikas Taneja among its angel investors. It has 15 employees located in Bengaluru and Kerala.