SECURITYTHE REGISTER
MFA-optional banks leave safe doors (and accounts) wide open for thieves to pillage
A 84-year-old woman lost $30,000 from her bank accounts after thieves exploited weak security practices, including the absence of mandatory multi-factor authentication (MFA). The attackers used stolen passwords from a data breach and created spam filters to block alerts, while financial institutions initially doubted the theft was fraudulent.
Mentioned
Related Signal
Adjacent reporting
- Your iPhone Gets Stolen. Then the Hacking Begins
- Password manager Dashlane says hackers stole some customers’ password vaults
- Dashlane says hackers stole password vaults via a 'brute force attack'
- (EU) Scammers acting as a bank employee
- Dashlane issues opaque advisory warning 20 encrypted vaults were stolen