Incident 567: Deepfake Voice Exploit Compromises Retool's Cloud Services
Description: In August 2023, a hacker reportedly was successful in breaching Retool, an IT company specializing in business software solutions, impacting 27 cloud customers. The attacker appears to have initiated the breach by sending phishing SMS messages to employees and later used an AI-generated deepfake voice in a phone call to obtain multi-factor authentication codes. The breach seems to have exposed vulnerabilities in Google's Authenticator app, specifically its cloud-syncing function, further enabling unauthorized access to internal systems.
Entities
View all entitiesAlleged: unknown developed an AI system deployed by Unknown hacker, which harmed Retool employee who was the victim of the unknown hacker , Retool , Google and 27 of Retool's clients.
Incident Stats
Incident ID
567
Report Count
1
Incident Date
2023-08-27
Editors
Sean McGregor, Daniel Atherton
Incident Reports
Reports Timeline
pcmag.com · 2023
- View the original report at its source
- View the report at the Internet Archive
A hacker used AI to deepfake an employee’s voice and break into an IT company.
The breach, which ensnared 27 cloud customers, occurred last month at Retool, a company that helps clients build business software.
The hacker kicked off the in…
Variants
A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.
