Cybersecurity breach strikes Cisco duo's multifactor authentication service

On April 1, unauthorized access was gained, and SMS logs were downloaded, specifically targeting certain users between March 1, 2024, and March 31, 2024.
ETCISO Desk
  • Published On Apr 17, 2024 at 10:31 AM IST
Read by: 100 Industry Professionals
Reader Image Read by 100 Industry Professionals

Cisco's Duo multifactor authentication service has issued a warning to its users following a cybersecurity breach involving a third-party telephony service provider. The incident, which was the result of a social engineering attack, could potentially expose users to phishing schemes.

According to a report by Dark Reading, the breach occurred when threat actors obtained employee credentials from the provider that handles SMS and VOIP traffic for Cisco Duo. On April 1, unauthorized access was gained, and SMS logs were downloaded, specifically targeting certain users between March 1, 2024, and March 31, 2024. While the logs did not include the content of the messages, they contained sensitive details such as phone numbers, carriers, and the geographical data of the recipients, along with other metadata.

Advt
Cisco has advised all impacted customers to alert potentially affected individuals and to stay vigilant against possible phishing attempts using the stolen data. The company, however, did not disclose the name of the compromised telephony provider in its advisory.

The breach highlights a growing trend of targeted attacks against identity security providers, a concern echoed by Jeff Margolies, chief product and strategy officer at Saviynt. Margolies noted the historical prevalence of such attacks, citing incidents involving major companies like Okta and Microsoft, and even dating back to the RSA SecurID Token breach in 2011.

These incidents underline the critical need for identity security providers to enhance their defenses and for companies to evaluate the implications of such breaches on their own security measures. Margolies emphasized the importance of understanding the dependency on third-party security services and having robust controls in place to detect and respond to security breaches effectively.

  • Published On Apr 17, 2024 at 10:31 AM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App