Okta admits a small number of SMS-based 2FA codes may have been seen by the attacker, while Twilio acknowledges some Authy MFA accounts were compromised to add smartphones run by the attacker
On the same day as a Black Hat conference speaker talked about the vulnerabilities of phishable MFA, Cisco Systems admitted an employee fell for an MFA phishing scam