“According to the posting, an unidentified bad actor on July 24 targeted a Cisco representative in a voice phishing (vishing) attack that enabled the attacker ‘to access and export a subset of basic profile information from one instance of a third-party, cloud-based customer relationship management (CRM) system that Cisco uses.’”