These risk actors have been then capable of steal AWS session tokens, the short term keys that enable you to request short term credentials for your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and gain access to Safe Wallet ??s AWS account