Understanding MFA Fatigue Attacks

Author: Bill McCauley

Multi-factor authentication has become one of the most widely recommended controls in security. The premise is simple: even if an attacker has your password, they still need a second factor to get in. For many organizations, that second factor is a push notification: tap Approve on your phone and you are in. It is convenient, and for the most part it works. The problem is that attackers have found a way to turn that convenience against you.

An MFA fatigue attack (also called MFA bombing or push bombing) does not bypass multi-factor authentication technically. It bypasses it psychologically. The attacker starts with something they already have, usually a set of valid credentials obtained through phishing, a data breach, or a dark web purchase. With the username and password in hand, the only thing standing between them and access is that second factor. With push-based MFA, every login attempt using the correct password sends a prompt to the victim's phone, so the attacker simply keeps logging in, repeatedly and relentlessly, until the target approves one. The notifications flood in, and at first a careful user will ignore or deny them. But the requests keep coming, sometimes for hours, sometimes overnight when someone is half-asleep and just wants the noise to stop. Eventually one gets approved, and that single approval is all it takes.

When It Stops Being Theoretical

In September 2022, Uber confirmed a breach that started with a contractor's stolen credentials. The attacker triggered MFA request after MFA request until the contractor, worn down by the volume, approved one. To make it worse, the attacker also reached out directly over WhatsApp, posing as Uber IT support and telling the contractor the requests were legitimate. Once inside, they moved laterally through Uber's internal systems, accessing G-Suite, Slack, and internal security tooling.

That same year, Cisco fell victim to a similar approach. The attackers, whom Cisco linked to the Yanluowang ransomware operation, combined MFA fatigue with voice phishing, calling the targeted employee while flooding their device with push notifications. The combination of social pressure and notification overload was enough to get a foot in the door. Cisco contained the breach, though the attackers did publish a listing of files they claimed to have taken, which Cisco characterized as non-sensitive.

These were not small organizations with immature security programs. They had MFA in place. The control worked exactly as designed, and the attackers found the human in the middle of it.

Reducing the Risk

For individuals, the most important shift is treating unexpected MFA prompts as a red flag rather than a nuisance to clear. If you receive a push notification you did not initiate, deny it. If the notifications keep coming, do not approve one to make them stop. That is exactly what the attacker is waiting for. Report it instead and let someone investigate. Keep in mind what a flood of prompts actually means: the attacker already has your password, so changing it is part of the response, not an optional extra.

It also helps to understand what your authenticator app is actually telling you. Many apps now support number matching, where a number is displayed on the login screen and must be entered in the app to confirm the request came from you. That one additional step makes the attack significantly harder because simply tapping Approve is no longer enough: the person approving has to be looking at the attacker's login screen, which a half-asleep user at 3 a.m. is not. It is not a complete answer, since an attacker who is already relaying the victim's session through a phishing proxy sees the number too, but it removes the blind-approve failure mode that MFA fatigue depends on.

At the organizational level, the first question worth asking is whether push notification-based MFA is the right choice for high-value accounts. It is convenient, but that convenience is the attack surface. Moving privileged accounts to phishing-resistant methods such as FIDO2 hardware security keys or passkeys removes the human approval step from the equation: the authenticator signs a challenge bound to the site the user is actually on, so there is no prompt to wear anyone down and nothing to approve by mistake.

For environments where push notifications remain in use, enabling number matching, showing the requesting location and device in the prompt, and limiting how many push requests a single account can trigger within a given timeframe are straightforward improvements. Monitoring for unusual authentication patterns, such as a burst of push requests to one user in a short period, or an approval that arrives after a string of denials, gives security teams the visibility to catch an attack in progress rather than after the fact. Training matters too, but it needs to go beyond general awareness. Users need to know not just that these attacks exist, but what to do when one lands on their phone.
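The rate limit and the monitoring described above, as an added example that is not part of the original article and not any vendor's product logic. The log format, field names, and thresholds (five pushes per ten-minute window, three rejections before an approval) are assumptions chosen for illustration; the log lines are constructed to mirror the overnight pattern the article describes.

```python
"""Added example: MFA push rate limiting and fatigue detection over
constructed authentication log events. Field names, thresholds and
sample data are assumptions for illustration, not a real IdP format."""
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

PUSH_WINDOW = timedelta(minutes=10)  # assumed sliding window
PUSH_LIMIT = 5                       # assumed max pushes per user per window
DENIALS_BEFORE_APPROVE = 3           # assumed: this many rejections then an approve is suspicious

# Constructed sample log: one account bombed overnight, one normal login.
SAMPLE_LOG = """\
2022-09-15T02:11:03Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:11:40Z user=contractor01 event=push_denied
2022-09-15T02:12:10Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:12:45Z user=contractor01 event=push_denied
2022-09-15T02:13:20Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:14:05Z user=contractor01 event=push_timeout
2022-09-15T02:14:30Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:15:02Z user=contractor01 event=push_denied
2022-09-15T02:15:40Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:16:10Z user=contractor01 event=push_sent src=203.0.113.7
2022-09-15T02:16:55Z user=contractor01 event=push_approved
2022-09-15T09:02:14Z user=alice event=push_sent src=198.51.100.20
2022-09-15T09:02:30Z user=alice event=push_approved
"""


def parse_log(text):
    """Parse 'timestamp key=value ...' lines into dicts with a UTC datetime."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, *fields = line.split()
        ev = {"ts": datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)}
        for field in fields:
            key, _, value = field.partition("=")
            ev[key] = value
        events.append(ev)
    return events


def push_allowed(sent_times, now, limit=PUSH_LIMIT, window=PUSH_WINDOW):
    """Sliding-window rate limit: evict pushes older than `window`, then
    allow a new push only if fewer than `limit` remain. Mutates sent_times."""
    while sent_times and now - sent_times[0] > window:
        sent_times.popleft()
    return len(sent_times) < limit


def analyze(events, limit=PUSH_LIMIT, window=PUSH_WINDOW, denials=DENIALS_BEFORE_APPROVE):
    """Replay events in time order and return findings:
    - rate_limit_exceeded: a push that the limit would have refused
    - approve_after_denials: an approval preceded by >= `denials`
      denies/timeouts inside the window (the fatigue signature)."""
    sent = defaultdict(deque)      # user -> timestamps of pushes sent
    rejected = defaultdict(deque)  # user -> timestamps of denies/timeouts
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        user, now, kind = ev["user"], ev["ts"], ev["event"]
        if kind == "push_sent":
            if not push_allowed(sent[user], now, limit, window):
                findings.append({"user": user, "ts": now, "kind": "rate_limit_exceeded"})
            sent[user].append(now)  # an IdP enforcing the limit would refuse to send here
        elif kind in ("push_denied", "push_timeout"):
            rejected[user].append(now)
        elif kind == "push_approved":
            while rejected[user] and now - rejected[user][0] > window:
                rejected[user].popleft()
            if len(rejected[user]) >= denials:
                findings.append({"user": user, "ts": now, "kind": "approve_after_denials",
                                 "prior_rejections": len(rejected[user])})
    return findings


if __name__ == "__main__":
    for finding in analyze(parse_log(SAMPLE_LOG)):
        print(finding)
```

Run against the constructed log, the sixth push to contractor01 trips the rate limit, and the approval at 02:16:55 is flagged because four rejections precede it inside the window; alice's single prompt and approval produce nothing. The second finding is the one worth paging on: a rate-limit hit tells you an attack is under way, while an approval after a run of denials tells you it has likely succeeded and the session should be revoked and the password reset.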

Ultimately, MFA fatigue attacks are a reminder that security controls do not exist in isolation. A technically sound control can still fail when the implementation creates conditions that attackers can exploit. Push-based MFA is not a bad control, but it requires user judgment to function correctly, and attackers have gotten very good at eroding that judgment one notification at a time. The answer is not to abandon MFA. It is to understand where its limits are and build around them.