Okay, as far as I can tell from my Cisco Live team contacts the email is legit and was sent from Cisco, but I don't have any further information on the leaked data as I'm not involved there so I won't speculate - there is a team investigating this and I'll leave it up to them to provide further details.
The only details I can provide is pretty much already covered in the email sent out:
“Cisco has been made aware that some Cisco Live registration information may have been accessible to an outside party through the conference website. Our first priority is the security of our attendees and we take their privacy very seriously. The ability to access this information was immediately removed and the matter was elevated to Cisco’s chief security officer for immediate review. Our review showed that affected information is strictly limited to the name, title, affiliation, and email address of some Cisco Live attendees. No additional personal information – such as credit card data -- was compromised. As the affected information is limited to data that is commonly available via badge swipes onsite and/or the exchange of business cards, we do not believe this presents any threat to our attendees in terms of identity theft. The impact will likely be limited to unsolicited email communication. We are currently reaching out to those individuals to keep them informed and offer our apologies for any inconvenience.” – Cisco spokesperson.