Not Every Breach Is A Critical Breach


This week it was revealed that a vendor that handled VoIP and SMS for Cisco’s Duo was breached. Duo does MFA, so this is potentially a big deal. I had a vendor send me this language for our own PR:

The severity of this incident cannot be overstated. The compromised information could be exploited by cybercriminals to launch highly targeted attacks against you and your organization.  

It can be overstated.

It’s estimated that the attack affected 1,000 people.

The exposed data is relatively minor. [1]

The data contained in these logs includes an employee’s:

  • Phone number
  • Carrier
  • Location data
  • Date
  • Time
  • Message type

Source: Bleeping Computer

MSPs and cybersecurity professionals will undoubtedly fatigue the public if we cry wolf every time something happens in the cybersecurity realm.

1. I’m sure someone will flame me for saying this. Of course any data can be used for phishing or other nefarious purposes. I’m not saying that it can’t be. But it also isn’t a full set of PII and credentials. Notably, names, addresses, employers and related applications are all missing from this list.

