From the Retool incident (related to those Okta attacks from last month):

"The caller claimed to be one of the members of the IT team, and deepfaked our employee’s actual voice".... then reset MFA and took control of the Okta account.