A third-party provider that handles telephony for Cisco’s Duo multifactor authentication service (MFA) has been compromised in a social engineering cyberattack. Cisco Duo Customers have been warned to be on alert for phishing schemes.
The company that handles SMS and VOIP MFA messaging traffic for Cisco was breached on April 1. The actor used compromised employee credentials and once inside the provider’s systems, they downloaded SMS logs for specific users within a certain timeframe. Cisco Duo did not identify the provider in its notice to users. Cisco advised impacted users to notify anyone whose information was exposed, and to remain vigilant against phishing attacks using stolen data.
Read More: Cisco Duo’s Multifactor Authentication Service Breached