Twilio verifies security breach of Authy data

Published:

spot_img

Twilio Confirms Attackers Identified Authy Phone Numbers, Urges Users to Update App

In a recent statement, Twilio, the owner of the popular two-factor authentication (2FA) service Authy, revealed that attackers were able to link phone numbers to specific Authy accounts. This announcement comes a week after hackers claimed to have stolen 33 million Authy phone numbers, raising concerns about the security of user data.

According to Twilio, the attackers exploited an unauthenticated endpoint to access data associated with Authy accounts, including phone numbers. The company has since taken steps to secure the endpoint and prevent unauthorized access. While Twilio maintains that there is no evidence of the attackers gaining access to sensitive data within their systems, they urge users to remain vigilant against potential phishing and smishing attacks using stolen phone numbers.

To mitigate the risk, Twilio advises all Authy users to update their app to the latest versions on Android and iOS devices. Additionally, the company announced that its 2FA desktop app will no longer be available for Windows, MacOS, and Linux users, prompting customers to switch to mobile apps and backup their tokens across devices.

The perpetrators behind the attack, known as ShinyHunters, have been linked to other high-profile breaches involving companies like Santander and Ticketmaster. Twilio’s history of data breaches, including a phishing incident in 2022, underscores the importance of maintaining strong security measures to protect user information.

As the investigation into the Authy breach continues, users are advised to exercise caution and report any suspicious activity to Twilio. Stay tuned for updates on this developing story.

spot_img

Related articles

Recent articles

Consolidation Strengthens Cybersecurity in the MENA Region Amid Rising Threats

Consolidation Strengthens cybersecurity in the MENA Region Amid Rising Threats Cybersecurity leaders are navigating an increasingly complex landscape, facing mounting pressure from regulatory bodies, evolving...

Windows Bind Link Attacks Strengthen Evasion Techniques Against EDR Tools

Windows Bind Link Attacks Strengthen Evasion Techniques Against EDR Tools Recent research from Bitdefender has unveiled critical vulnerabilities in Windows' bind link feature, demonstrating how...

Malicious AI Models Surge on Dark Web: WormGPT, FraudGPT, and the Rise of Unrestricted Cybercrime Tools

Malicious AI Models Surge on Dark Web: WormGPT, FraudGPT, and the Rise of Unrestricted Cybercrime Tools The emergence of malicious AI models on the dark...

Cabinet Approves ₹1.27 Lakh Crore Semicon 2.0 to Strengthen India’s Semiconductor Ecosystem

Cabinet Approves ₹1.27 Lakh Crore Semicon 2.0 to Strengthen India's Semiconductor Ecosystem The Union Cabinet of India, led by Prime Minister Narendra Modi, has officially...