Connect with us

Hi, what are you looking for?

Tech

Twilio Faces Security Breach: Millions of Authy User Phone Numbers Expose

Twilio Faces Security Breach: Millions of Authy User Phone Numbers Expose
Twilio Faces Security Breach: Millions of Authy User Phone Numbers Expose

Twilio, a US company known for cloud communications, reported a big security breach involving Authy, its app for extra account security. This breach exposed millions of users’ phone numbers.

Shortly after hacker group ShinyHunters admitted to stealing 33 million Authy phone numbers and other associated data, concerns about potential misuse arose. Initial reports did not clarify whether the hackers could match these phone numbers to specific user accounts.

ShinyHunters gained notoriety earlier for breaches including the theft of data from 560 million Ticketmaster customers and an attack on Snowflake, a cloud-storage provider. Their activities underscore growing cybersecurity challenges faced by major corporations, highlighting vulnerabilities across various industries.

Twilio Faces Security Breach: Millions of Authy User Phone Numbers Expose

Twilio Faces Security Breach: Millions of Authy User Phone Numbers Expose

Twilio attributed the breach to an unauthorized endpoint, which has since been secured to prevent further unauthorized access. The company assured that while phone numbers were exposed, Authy accounts themselves remained uncompromised. This distinction suggests that while user accounts are technically safe, the stolen phone numbers could facilitate social engineering attacks like phishing or smishing.

To mitigate risks, Twilio advised users to exercise caution, particularly avoiding suspicious links in texts or emails. They also urged users to promptly update their Authy apps to the latest versions available on Android and iOS. Despite the breach, Twilio emphasized that its internal systems and other sensitive data were not compromised.

This incident marks another chapter in Twilio’s cybersecurity history, following a 2022 breach where hackers used voice phishing to trick employees into divulging credentials. As the company addresses these challenges, user vigilance and timely updates remain crucial in safeguarding against emerging threats.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Tech

Amazon Web Services (AWS) recently unveiled several innovations aimed at enhancing the development and deployment of generative AI applications, addressing concerns around accuracy and...

News

AU10TIX, an Israeli company that verifies IDs for clients like TikTok, X, and Uber, accidentally left important admin credentials exposed for over a year....

Cars

At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos.

Tech

At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos.