These risk actors have been then in a position to steal AWS session tokens, the short-term keys that enable you to request momentary credentials in your employer??s AWS account. By hijacking Energetic tokens, the attackers were being capable to bypass MFA controls and attain access to Safe and