Security News > 2023 > September > Retool blames breach on Google Authenticator MFA cloud sync feature

Retool blames breach on Google Authenticator MFA cloud sync feature
2023-09-15 19:15

Hack blamed on new Google Authenticator sync feature.

Retool is blaming the success of the hack on a new feature in Google Authenticator that allows users to synchronize their 2FA codes with their Google account.

Retool says that the feature is also to blame for the August breach severity as it allowed the hacker who successfully phished an employee's Google account to have access to all of their 2FA codes used for internal services.

As Kodesh explained, while, initially, Retool had enabled MFA, the auth codes synced by Google Authenticator to the cloud led to an inadvertent transition to single-factor authentication.

While Google Authenticator does promote its cloud sync feature, it is not required.

"While we continue to work toward these changes, we want to ensure Google Authenticator users know they have a choice whether to sync their OTPs to their Google Account, or to keep them stored only locally. In the meantime, we'll continue to work on balancing security with usability as we consider future improvements to Google Authenticator."


News URL

https://www.bleepingcomputer.com/news/security/retool-blames-breach-on-google-authenticator-mfa-cloud-sync-feature/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995