These risk actors had been then capable of steal AWS session tokens, the short term keys that enable you to ask for temporary credentials for your employer??s AWS account. By hijacking active tokens, the attackers were in a position to bypass MFA controls and acquire access to Secure Wallet ??s