Category: IT|Jul 5, 2024 | Author: Admin

33 million mobile numbers leaked

Share on

Twilio's Authy 2FA code generator service has experienced a pretty serious hack.

33 million mobile numbers leaked

Update to the latest app versions - beware of phishing attacks

 

“Twilio has discovered that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. We have taken measures to secure this endpoint and no longer allow unauthenticated requests.

 

We have not seen evidence that the threat actors gained access to Twilio's systems or other sensitive data," the company sums up. It is unknown exactly how many accounts are affected, but it is therefore about 33 million mobile numbers.

 

We have not seen evidence that the threat actors gained access to Twilio's systems or other sensitive data.

 

As a precaution, we ask that all Authy users update to the latest Android and iOS apps for the latest security updates. Even if Authy accounts are not compromised, threat actors may try to use the phone number associated with Authy accounts for phishing and smishing attacks; we encourage all Authy users to be diligent and be more aware of the texts they receive.

 

Twilio

 

So what is "smishing?" IBM explains: “Smishing is a social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information or sending money to cybercriminals. The term "smishing" is a combination of "SMS" - or "short message service", the technology behind text messages - and "phishing".

 

The company encourages updating to the latest Android and iOS versions for security improvements and bug fixes. Twilio encourages anyone who cannot access their account to contact the service department.

 

In another Authy case, we reported in February that the company shut down its programs for Windows and macOS, so users had to move to the mobile apps by March this year.

Sponsored Ads:

Comments:


DDoS-22-01-25.png

Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack

Category: IT|Jan 22, 2025 | Author: Admin
Micosoft_Exchange-21-01-25.png

Microsoft: Exchange 2016 and 2019 reach end of support in October

Category: Microsoft|Jan 21, 2025 | Author: Admin
Outlook-20-01-25.png

Microsoft shares temp fix for Outlook crashing when writing emails

Category: Microsoft|Jan 20, 2025 | Author: Admin
TikTok-19-01-25.png

TikTok shuts down in the US as Trump throws the company a lifeline

Category: IT|Jan 19, 2025 | Author: Admin
Discord-18-01-25.png

Malicious PyPi package steals Discord auth tokens from devs

Category: IT|Jan 18, 2025 | Author: Admin
China_matrix-17-01-25.png

GDPR complaints filed against TikTok, Temu for sending user data to China

Category: IT|Jan 17, 2025 | Author: Admin
Fortinet-16-01-25.png

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

Category: General|Jan 16, 2025 | Author: Admin
windows-blue-background-15-01-25.png

January Windows updates may fail if Citrix SRA is installed

Category: Microsoft|Jan 15, 2025 | Author: Admin
nominet-14-01-25.png

UK domain registry Nominet confirms breach via Ivanti zero-day

Category: IT|Jan 14, 2025 | Author: Admin
back-13-01-25.png

Phishing texts trick Apple iMessage users into disabling protection

Category: Apple|Jan 13, 2025 | Author: Admin
church-12-01-25.png

Pastor who saw crypto project in his "dream" indicted for fraud

Category: IT|Jan 12, 2025 | Author: Admin
LDAPNightmare-11-01-25.png

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

Category: IT|Jan 11, 2025 | Author: Admin
Outlook-for-Windows-10-01-25.png

Microsoft to force install new Outlook on Windows 10 PCs in February

Category: Microsoft|Jan 10, 2025 | Author: Admin
proton-mail-header-09-01-25.png

Proton Mail still down as Proton recovers from worldwide outage

Category: IT|Jan 9, 2025 | Author: Admin
backdoror-web-shells-08-01-25.png

Over 4,000 backdoors hijacked by registering expired domains

Category: IT|Jan 8, 2025 | Author: Admin
more