• Twilio (and 2FA app Authy) hacked.

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Twilio (and 2FA app Authy) hacked.

    Author
    Topic
    Alex5723
    AskWoody Plus
    August 29, 2022 at 10:15 pm #2473436

    https://www.twilio.com/blog/august-2022-social-engineering-attack

    ..What happened?

    On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. This broad based attack against our employee base succeeded in fooling some employees into providing their credentials. The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data…

    ..To date, our investigation has identified 163 Twilio customers – out of a total customer base of over 270,000 – whose data was accessed without authorization for a limited period of time, and we have notified all of them.

    In addition, to date, our investigation has identified that the malicious actors gained access to the accounts of 93 individual Authy users – out of a total of approximately 75 million users – and registered additional devices to their accounts…

    * I always marvel at companies responses like : sophisticated social engineering attack designed to steal employee credentials that come after : we believes that the security of our customers’ data is of paramount importance…

    4 users thanked author for this post.
    TechTango, Nibbled To Death By Ducks, Microfix, windbg
    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • Microfix
      AskWoody MVP
      August 30, 2022 at 12:52 pm #2473528

      krebs on security dated 30th Aug 2022

      Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms….

      Windows - commercial by definition and now function...
      1 user thanked author for this post.
      Alex5723
      Reply | Quote
    • Nibbled To Death By Ducks
      AskWoody Lounger
      September 1, 2022 at 12:09 am #2473875

      Ummm…and the question in my mind is always, “…and how important IS it? Show us how much money you spent last year in Security, and I’ll be better able to judge.”

      Sheesh.

      Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
      --
      "The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

      Reply | Quote
    Viewing 1 reply thread
    Reply To: Twilio (and 2FA app Authy) hacked.

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.