The 2nd Authenticator (meaning the email that is received upon logging on) was redirected to the hackers email. I'm unsure if he did this will all the accounts, or even if that was all he did.. I'm sure there were more steps, but that was the general idea. The point is that 2FA isn't unbeatable.
Wait a minute.
How does just an e-mail change let them get past 2-factor authentication?
The 2nd Authenticator (meaning the email that is received upon logging on) was redirected to the hackers email. I'm unsure if he did this will all the accounts, or even if that was all he did.. I'm sure there were more steps, but that was the general idea. The point is that 2FA isn't unbeatable.