Entities
Retool employee who was the victim of the unknown hacker
Incidents Harmed By
Incident 5671 Report
Deepfake Voice Exploit Compromises Retool's Cloud Services
2023-08-27
In August 2023, a hacker reportedly was successful in breaching Retool, an IT company specializing in business software solutions, impacting 27 cloud customers. The attacker appears to have initiated the breach by sending phishing SMS messages to employees and later used an AI-generated deepfake voice in a phone call to obtain multi-factor authentication codes. The breach seems to have exposed vulnerabilities in Google's Authenticator app, specifically its cloud-syncing function, further enabling unauthorized access to internal systems.
More