MFA Factor Reuse for Account Compromise

Identify potential mass account compromise through detection of a single phone number or Guardian app installation registered across multiple user accounts, indicating a single attacker controlling many accounts.

Splunk insight details requires a free account. Sign in with Google or GitHub to access the full knowledge base.