These risk actors ended up then in the position to steal AWS session tokens, the non permanent keys that allow you to ask for temporary credentials to your employer??s AWS account. By hijacking active tokens, the attackers were in a position to bypass MFA controls and obtain entry to Protected