Attention Cisco Duo Users

A recent bulletin from Broadcom highlights an important warning for users of Cisco’s Duo multi-factor authentication (MFA) service. Following a supply chain breach, there’s a heightened risk of phishing attacks targeting Duo users.

According to the bulletin, the breach occurred at one of Duo’s SMS and VIoIP telephony service providers on April 1, 2024. An unknown actor employed a phishing technique to gain access to credentials, subsequently stealing metadata and logs for messages sent by some Duo account users in March 2024.

While the stolen data doesn’t include credentials or message contents, it does contain sensitive information like phone numbers, carrier, date and time, location, and message type. This data could be leveraged by attackers to craft more convincing phishing attempts, putting affected users at greater risk.

This breach underscores the ongoing interest attackers have in targeting MFA service providers. It also highlights the shared supply chain risks associated with relying on third-party providers for software, hardware, or services.

Stay vigilant, stay informed, and take necessary precautions to safeguard your accounts and sensitive information. Your cybersecurity is paramount.