Some Authy 2FA accounts were compromised in Twilio data breach
Another high-profile firm affected by Twilio data breach
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
2FA firm Authy is the latest company revealed to have been impacted by the Twilio data breach.
Acompany updatespotted byTechCrunchoutlined how the app, which is owned by Twilio, had seen details of 93 user accounts exposed.
Twilio, which provides customizable tools to build communications platforms, acquired Authy in 2005. The app has around 75 million users worldwide, making it one of the most popular two-factor authentication services around.
Authy attack
In its report on the incident, Twilio says the hackers were able to use the extra access gained from the initial attack to register additional devices to the 93 affected accounts.
The company says it has now identified and removed the “unauthorized devices” from these accounts, but that users should review their linked logins and look for signs of suspicious activity, as well as disabling the app’s “Allow Multi-device” option.
“Twilio believes that the security of our customers’ data is of paramount importance, and when an incident occurs that might threaten that security, we communicate what happened in a transparent manner,” the company wrote. “To that end, we are providing an overview of this incident impacting customer information and our response.”
Unsurprisingly, most data breaches are caused by hacking>AMD is investigating a serious potential data breach>Our guide to the best endpoint protection
The news comes after security-focused messenger app Signal hadthe details of over 1,900 users compromisedas a result of its exposure to Twilio.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Okta has also revealed that 38 Okta-related phone numbers were compromised via Twilio’s administrative portals, according to adata breach reportby the company.
Group IB has said that 10,000 accounts at more than 130 organizations were impacted by the phishing campaign, including marketing companies Mailchimp and Klaviyo.
Russian-founded cybersecurity firm Group-IB Threat Intelligence attributed the Twilio data breach to a criminal groupdubbed “0ktapus”.
The group allegedly used 169 unique domains as part of a large-scale phishing campaign that has been operational since March 2022.
According to the firm’s research 0ktapus mainly targeted US-based companies, providing IT, software development, and cloud services, with the aim of getting the credentials needed to access private data, corporate emails, and internal documents.
Group IB’s research said it was not yet clear if the attacks by 0ktapus were planned “end-to-end in advance or whether opportunistic actions were taken at each stage”.
ViaTechCrunch
Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case
