Cisco Duo’s Multifactor Authentication service compromised by social engineering attack

Share post:

Cisco Duo, a prominent provider of multifactor authentication (MFA) services, has fallen victim to a cyberattack targeting one of its third-party telephony service providers. Cisco has issued an advisory to customers, alerting them of potential follow-up phishing attempts leveraging the breach.

The incident, which occurred on April 1, involved unauthorized access by threat actors using stolen employee credentials to download SMS logs from the provider’s systems. These logs contained metadata such as phone numbers, carriers, and message times for messages sent in March 2024, though no content from the messages was exposed.

Upon discovery, Cisco Duo informed its customers and advised them to caution any individuals whose data may have been compromised. The company stressed the importance of vigilance against subsequent phishing attacks that may use the stolen information.

This breach underscores a growing pattern of attacks targeting identity security providers. Experts, like Jeff Margolies of Saviynt, point to historical precedents, including incidents involving Okta and Microsoft, as well as the RSA SecurID Token attack in 2011.

The breach highlights the vulnerability within the supply chain of identity security services and the importance of stringent security measures. Margolies emphasizes the need for companies to understand their reliance on such third-party providers and to have robust mitigating controls in place.

In light of the breach, organizations are urged to assess the impact on their cybersecurity posture and implement additional controls to detect and respond to any incidents involving their identity security providers.

The incident with Cisco Duo is a stark reminder of the importance of cyber resilience in an increasingly interconnected digital ecosystem, where the security of one provider can have cascading effects on numerous organizations and users.

 

SUBSCRIBE NOW

Related articles

AWS Launches Physical Locations for High-Speed Cloud Data Uploads

Amazon Web Services (AWS) unveiled a novel service at its re:Invent 2024 conference: Data Transfer Terminal, a network...

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

OpenAI’s Text-to-Video Generator Leaked by Disgruntled Artists

A group of 16 artists has leaked OpenAI's unreleased text-to-video generator, Sora, accusing the $157 billion AI company...

Who Owns Your Social Media Accounts? Elon Musk Says YOU Don’t. Hashtag Trending for Thursday, November 28, 2024

Can AI help accelerate renewable energy projects?  Artists leak OpenAI’s New Video Tool In Protest, and Who really...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways