Cisco Event Response: Kaseya VSA Security Incident

Version 1.1: July 7, 2021

On July 2, 2021, Kaseya announced its VSA product was the victim of a cyberattack. Cisco will provide updates on its investigation process and answers to common questions via this page which serves as the most up-to-date authoritative status. This information is based on Cisco’s investigation to-date and is subject to change.

Cisco will notify affected organizations directly or through our established communication processes if information is found that requires customer/partner-specific action.


The following resources provide further detail about this security issue and Cisco’s recommendations for customers.

Cisco Response

Upon Kaseya’s announcement of the security incident, Cisco immediately began its investigation process. At this time, there is no known impact to Cisco products, services, or to any customer data. We continue to investigate all aspects of this issue with the highest priority.

Common Questions

Q: Does Cisco use Kaseya VSA?

No. At this time, Cisco has found no instances of Kaseya VSA used within the Cisco production network.

Q: Is Cisco’s business impacted by the VSA security incident?

At this time, there is no known impact to Cisco products, services, or to any customer data.

Q: Has Cisco incorporated the latest protections into its products and services?

Yes, Cisco products and services incorporate the latest protections against this threat. Please see the Cisco Talos threat intelligence post for the latest information.

Q: Are Cisco’s suppliers/vendors impacted by this issue?

At this time, no Cisco supply chain partners are impacted by this issue. We continue to engage with our vendors to assess any potential impacts to their businesses.

Product Support

Cisco customers or partners with questions related to Cisco products are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

For urgent questions on the impact to Cisco not answered here, customers may contact the Cisco Product Security Incident Response Team (PSIRT).


This document is part of the Cisco Security portal. Cisco provides the official information contained on the Cisco Security portal in English only.

This document is provided on an “as is” basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. Cisco reserves the right to change or update this document without notice at any time.

Back to Top