It has been reported that Uber suffered a cyberattack, with the attacker gaining access to Uber’s Slack messages and vulnerability dashboard reports.
Uber announced that the hacker gained access to a contractor’s account after likely purchasing the individual’s corporate password on the dark web. The hacker initiated a “multifactor authentication fatigue attack” and the contractor eventually accepted one of the MFA requests allowing the hacker access to Uber IT systems.
A MFA fatigue attack occurs when a hacker attempts to log into a network with stolen credentials over and over. When MFA authentication is configured so that an employee sees a prompt on their mobile device to accept each login, the employee receives an endless stream of MFA push approval requests. Eventually the employee becomes tired of receiving the requests and “accepts” the MFA prompt thereby giving the hacker access to the system.
These MFA fatigue attacks are becoming more and more commonplace. Employers should educate their workforce on MFA fatigue and remind employees to authenticate only proper logins.
