The major networking company were first made aware of the compromise back in May, that was then confirmed by the Cisco Security Incident Response team that it was a network breach. Ironically, ransomware group Yanluowang published a partial list of those files that were stolen the same day.
While there was no ransomware deployed during the attack, the Security Incident Response Team noted that the initial attack vector was through a successful phishing attempt of an employee's personal Google account. This in turn, led to the compromise of the company's credentials and access to their VPN.
One user's honest mistake can potentially have an major impact on your organization. If an attack is very successful, your organization can be severely damaged due to the financial loss.
We highly recommend implementing frequent phishing tests and new-school security awareness training to your users. Remember - the stronger the human firewall, the stronger your organization is at stopping these types of attacks in the future!