Cisco Duo’s Multifactor Authentication service compromised by social engineering attack

Share post:

Cisco Duo, a prominent provider of multifactor authentication (MFA) services, has fallen victim to a cyberattack targeting one of its third-party telephony service providers. Cisco has issued an advisory to customers, alerting them of potential follow-up phishing attempts leveraging the breach.

The incident, which occurred on April 1, involved unauthorized access by threat actors using stolen employee credentials to download SMS logs from the provider’s systems. These logs contained metadata such as phone numbers, carriers, and message times for messages sent in March 2024, though no content from the messages was exposed.

Upon discovery, Cisco Duo informed its customers and advised them to caution any individuals whose data may have been compromised. The company stressed the importance of vigilance against subsequent phishing attacks that may use the stolen information.

This breach underscores a growing pattern of attacks targeting identity security providers. Experts, like Jeff Margolies of Saviynt, point to historical precedents, including incidents involving Okta and Microsoft, as well as the RSA SecurID Token attack in 2011.

The breach highlights the vulnerability within the supply chain of identity security services and the importance of stringent security measures. Margolies emphasizes the need for companies to understand their reliance on such third-party providers and to have robust mitigating controls in place.

In light of the breach, organizations are urged to assess the impact on their cybersecurity posture and implement additional controls to detect and respond to any incidents involving their identity security providers.

The incident with Cisco Duo is a stark reminder of the importance of cyber resilience in an increasingly interconnected digital ecosystem, where the security of one provider can have cascading effects on numerous organizations and users.



Related articles

Amazon reviews losing trust as number of fake reviews are uncovered

Amazon's customer review system, once trusted for its verified buyer opinions, is increasingly under scrutiny as more and...

Apple Vision Pro U.S. sales plummet

Apple's Vision Pro headset, priced at $3,500, is experiencing a significant drop in U.S. sales. Market analysts report...

Security research team claims to have helped avert a major supply chain attack

JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious...

Phishing attacks on state and local governments surge by 360%

Phishing attacks targeting state and local governments have surged by 360% between May 2023 and May 2024, according...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways