1. You are a security expert. In this context you have recieved a report from an employee of your organization. He has been hacked and his bank account has been compromised. He was using a two factor authentication. One day he got an email that his password on the bank account is expiring soon and that he should log into his bank accouunt's website and update his password. He followed the link in the email and tried to log into his account so that he can change the password. He entered his user name and then he also entered his password. Afterwards a prompt appeared on the screen (as usual) asking him to enter the OTP that he had received on his cell phone. He entered that correctly as well. After that he saw an error message on the screen that the service is temporarily unavailable and that he should try later.. He tried to log into his account later but is not able to do it anymore. From this scanario do you think it is possible to hack a two authentication? If yes what do you think could have happened..

   You are required to submit a report with the justification and reasoning of what could have happened to the user. How he got hacked despite using two factor authentication.