Deepfake Voice Exploit Compromises Retool's Cloud Services

August 27, 2023

In August 2023, a hacker reportedly breached Retool, an IT company specializing in business software solutions. The attack impacted 27 cloud customers. The intrusion is believed to have been initiated via phishing SMS messages sent to employees and subsequently escalated through the use of an AI-generated deepfake voice during a phone call to obtain multi-factor authentication codes. This incident raises concerns about the vulnerabilities in cloud-synced authentication apps, such as Google's Authenticator. It underscores the importance of implementing safe and secure AI practices, especially as AI technologies evolve.

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment).

Alleged deployer: unknown-hacker
Alleged developer: unknown
Alleged harmed parties: retool-employee-who-was-the-victim-of-the-unknown-hacker, retool, google, 27-of-retool's-clients

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/567

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.