Missing MFA Strikes Again: Hacker Hits Collaboration Tools

Terabytes of Data Stolen From Cloud-Based Collaboration Tools, Researchers Warn Mathew J. Schwartz (euroinfosec) • January 6, 2026

Dozens of organizations that use real-time content collaboration platforms appear to have had their data stolen after they failed to protect cloud accounts using multifactor authentication.

See Also: Going Beyond the Copilot Pilot - A CISO's Perspective

A major broker of stolen access credentials for organizations, who uses the handle "Zestix," appears to have used information-stealing malware to amass corporate credentials for those tools and sell them to others. The broker also appears to have stolen terabytes' worth of data from firms that left their cloud-based collaboration software exposed, says threat intelligence firm Hudson Rock.

Stolen data advertised by Zestix includes 2TB of military police health data records, 77 gigabytes of aircraft manuals, mass transit schematics, litigation and other legal information, various types of patient health data and other ...