Cisco has notified all affected customers to notify anybody who might be impacted and to remain watchful for any potential phishing efforts.
A cybersecurity incident involving a third-party telecommunications service provider has prompted a warning for users of Cisco’s Duo multifactor authentication service. Due to a social engineering attack, users may have been made aware of phishing attempts as a result of the incident.
A report published by Dark Reading claims that the breach happened as a result of threat actors obtaining employee credentials from the company that manages Cisco Duo’s SMS and VoIP communications. SMS logs that were downloaded on April 1st, 2024, with a specific focus on a few users between March 1st and March 31st, 2024, were obtained through unapproved access. The message content was not included in the records, but other metadata and private information, such as the receivers’ phone numbers, carriers, and locations, were.
Cisco has notified all affected customers to notify anybody who might be impacted and to remain watchful for any potential phishing efforts utilizing the compromised information. But in its advisory, the business omitted the identity of the compromised phone provider.
According to Jeff Margolies, chief product and strategy officer of Saviynt, the breach underscores an increasing pattern of targeted attacks against identity security companies. Noting instances involving big businesses like Okta and Microsoft, as well as going all the way back to the 2011 RSA SecurID Token hack, Margolies pointed out the historical frequency of these kinds of assaults.
These events highlight how important it is for identity security providers to strengthen their defenses and for businesses to assess how these breaches may affect their own security protocols. Margolies stressed how crucial it is to recognize the reliance on outside security services and to have strong controls in place in order to effectively identify and address security breaches.
Also read: Nurturing Responsible Online Behavior in Students by Building a Culture of Digital Citizenship
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.