Our phone system is an IP phone system and got hacked in the Saturday midnight, for 77 attempts and 1,866 mins. The dialed location is Cayman Islands.
Our vendor checked and found the compromised extension's voice mailbox used the default password '0000'. Even so, I still don't understand how the hacker got in --
Did they get through our ASA and then into our LAN?
Did they hack to our file servers?
Can someone help me understand this please?