Article 6NZJ6 Twilio alerts Authy two-factor app users that ‘threat actors’ have their phone numbers

Twilio alerts Authy two-factor app users that ‘threat actors’ have their phone numbers

by
Emma Roth
from The Verge - All Posts on (#6NZJ6)
akrales_220309_4977_0324.0.jpg Photo by Amelia Holowaty Krales / The Verge

Twilio says someone has obtained phone numbers associated with its two-factor authentication service (2FA), Authy, as reported earlier by TechCrunch. In a security alert on Monday, Twilio warns that the threat actors" may try to use the stolen phone numbers to carry out phishing attacks and other scams.

The incident follows a 2022 data breach that occurred after a phishing campaign tricked employees into disclosing their login credentials. The attackers accessed data from 163 Twilio accounts and managed to access and register additional devices on 93 Authy accounts.

Twilio traced this leak back to an unauthenticated endpoint" that it has since secured. Last week, the threat actor ShinyHunters published a list of 33 million phone...

Continue reading...

External Content
Source RSS or Atom Feed
Feed Location http://www.theverge.com/rss/index.xml
Feed Title The Verge - All Posts
Feed Link https://www.theverge.com/
Reply 0 comments