1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Cisco Duo says a third-party data breach stole MFA SMS logs

    From TechnologyDaily@1337:1/100 to All on Tue Apr 16 14:15:05 2024
    Cisco Duo says a third-party data breach stole MFA SMS logs

    Date:
    Tue, 16 Apr 2024 14:06:38 +0000

    Description:
    Hackers stole Cisco Duo customers' phone numbers, and the company is warning of possible incoming smishing attacks.

    FULL STORY ======================================================================

    Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident.

    In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didnt name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third party, through which they stole login credentials for the companys systems.

    With those login credentials, the attackers downloaded SMS and VoIP MFA message logs associated with specific Duo accounts. The logs were generated
    in March, it was said. Smishing incoming

    The message logs did not contain any message content but did contain the
    phone number, phone carrier, country, and state to which each message was sent, as well as other metadata (e.g., date and time of the message, type of message, etc.), the message reads.

    The Provider confirmed that the threat actor did not download or otherwise access the content of any messages or use their access to the Providers internal systems to send any messages to any of the numbers contained in the message logs.

    Obtaining phone numbers and other metadata is probably enough to run social engineering attacks such as phishing, or even engage in identity theft .
    Cisco warned its customers to be wary of any incoming SMS messages. "Please also consider educating your users on the risks posed by social engineering attacks and investigating any suspicious activity."

    When the victim company discovered the incident, they invalidated the compromised credentials and pinged Cisco about what had happened. They then implemented additional technical measures to prevent similar incidents in the future, as well as to mitigate the damage done by this attack.

    Cisco Duo has more than 100,000 customers and processes more than a billion authentications every month. It has more than 10 million downloads on Google Play.

    Via BleepingComputer More from TechRadar Pro You haven't actually got a massive road toll bill - it's a phishing scam, FBI warns Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisco-duo-says-a-third-party-data-breac h-stole-mfa-sms-logs


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)