Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs

Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks.

Cybersecurity vendor Cisco on Monday warned that hackers broke into an unidentified telephony supplier used to send Duo MFA SMS messages and stole log data that could be used in downstream attacks.

According to a customer notice from the Cisco Data Privacy and Incident Response Team, the breach exposed phone numbers, phone carriers, metadata and other logs that could lead to phishing and social engineering attacks.

From the Cisco warning:

“It is our understanding from the [unnamed telephony provider] that a threat actor gained access to the provider’s internal systems, on April 1, 2024, using a Provider employee’s credentials that the threat actor illicitly obtained through a phishing attack and used that access to download a set of MFA SMS message logs pertaining to your Duo ...