Duo Security Incident

A recent security incident was reported by our technology partner, Duo Security, a part of Cisco, involving one of their telephony suppliers used for multifactor authentication (MFA) services. This incident may impact users within your organization who utilize Duo's MFA services.

Summary of the Incident:

On April 1, 2024, an unauthorized threat actor gained access to the supplier's systems using stolen employee credentials from a phishing attack. The attacker was able to download message logs from March 1, 2024, to March 31, 2024. These logs contained phone numbers, carriers, and other metadata related to MFA requests sent via SMS and VOIP, but did not include the content of the messages. More details can be found on Duo’s website located here.

Potential Impact to End Consumers:

Although it is not yet confirmed, there exists a possibility that threat actors may exploit the information obtained from the log data to conduct phishing or other social engineering attacks targeting end-users. We urge you to maintain heightened vigilance and promptly report any suspicious text messages or phone calls to your IT and Security teams. Additionally, please mark any such communications as junk or spam through your telecommunications provider to help mitigate further risks.

Immediate Actions Taken by Duo’s Supplier:

Upon discovery, Duo’s supplier invalidated the compromised credentials, began a thorough investigation, and implemented several mitigation measures to prevent future breaches. This includes enhanced social engineering awareness training for their employees.

How Logically can assist:

At Logically, we understand the severity of this incident and the potential risks posed by such breaches. To support your organization in strengthening its defenses against similar vulnerabilities, we offer comprehensive Security Awareness Training in partnership with KnowBe4, a leader in security training solutions.

Benefits of Our Security Awareness Training:

• Customizable Training Modules: Tailored to the specific needs and risks of your organization, including simulations of phishing and other social engineering tactics.
• Continuous Learning: Regular updates to training content to cover the latest threats and security best practices.
• Employee Testing and Reporting: Tools to assess the security awareness of your staff and track improvements over time.
• Support and Guidance: Expert advice to help you implement effective security policies and response strategies.

Next Steps:

• Educate Your Team: Utilize Security Awareness Training to enhance your team's ability to recognize and respond to security threats.
• Stay Vigilant: Encourage your users to report any suspicious activity or suspected social engineering attempts immediately.

To discuss how Logically Security Awareness Training can be integrated into your security strategy, or to address any concerns about this incident, please do not hesitate to contact us.