Ha! Thanks for the data :-P

Okay, as far as I can tell from my Cisco Live team contacts the email is legit and was sent from Cisco, but I don't have any further information on the leaked data as I'm not involved there so I won't speculate - there is a team investigating this and I'll leave it up to them to provide further details. The only details I can provide is pretty much already covered in the email sent out: “Cisco has been made aware that some Cisco Live registration information may have been accessible to an outside party through the conference website. Our first priority is the security of our attendees and we take their privacy very seriously. The ability to access this information was immediately removed and the matter was elevated to Cisco’s chief security officer for immediate review. Our review showed that affected information is strictly limited to the name, title, affiliation, and email address of some Cisco Live attendees. No additional personal information – such as credit card data -- was compromised. As the affected information is limited to data that is commonly available via badge swipes onsite and/or the exchange of business cards, we do not believe this presents any threat to our attendees in terms of identity theft. The impact will likely be limited to unsolicited email communication. We are currently reaching out to those individuals to keep them informed and offer our apologies for any inconvenience.” – Cisco spokesperson.

... and collect the logs with the right debugging enabled ;-)

Where did you get the dumps, can you share the source of this information? Thanks.

So I'm a Cisco employee who attended Cisco Live as a speaker last week, I just checked with a contact (who sends emails out from support@ciscolive.com) and they are not aware of any of this - which leads me to think the email is faked. If someone can provide the original email header so we can investigate further that would be appreciated... my contact is checking into this further I will update if I find out anything else...

Can someone paste the header to see if the email from "Cisco" is legit or fraudulent? I attended Cisco Live and received no such email, and people who didn't attend received the mail, the Cisco Live team has a database of everyone who registered for the event so if the email was legit I would have expected to see it get sent to the correct audience?

I didn't need to see the rest ;-)

Most of that seems pretty specific to US to me.

http://twitter.com/stephenconroy http://departmentofinternets.com/ fake stephen conroy rocks!