I don’t think it matters what 2fa the target had here, the attackers had him hook line and sinker. The bigger issue is that the attacker new everything about how the company worked internally, including staff. I would not be surprised if this company was already compromised, either from an external actor or internal.
Comment on Google Authenticator Blamed to have made one company’s network breach much, much worse
Eezyville@sh.itjust.works 1 year ago
So you went and put all your trusted passwords, 2FAs, FIDO2, and other secrets with Google? Looks like these tech companies are turning into data dragons. Only a matter of time before some adventurers decide to loot the dragon.
IMongoose@lemmy.world 1 year ago
sturmblast@lemmy.world 1 year ago
hehe ‘Data Dragons’
Appoxo@lemmy.dbzer0.com 1 year ago
I would argue such big companies could be trusted to some extend with storing stuff securely.
You don’t hear much of a data breach from Google.
But other other hand you had the Microsoft e-mail incident…
Eezyville@sh.itjust.works 1 year ago
I personally don’t trust them because of the Edward Snowden revelations.
Appoxo@lemmy.dbzer0.com 1 year ago
You can trust nothing lol.
The only thing you could trust is a fully air-gapped system you personally update and patch with a manual attached storage (like USB SSD/HDDs) and never ever let it see the light of the internet.
Edgelord_Of_Tomorrow@lemmy.world 1 year ago
The NSA is not a threat to your cybersecurity. If they want information from you they will put you in a van and beat you with a wrench until you give them the password. If the US Govt has decided you are a threat your problems are bigger than if someone can steal your Steam account.