Category: IT|Jul 5, 2024 | Author: Admin

33 million mobile numbers leaked

Share on

Twilio's Authy 2FA code generator service has experienced a pretty serious hack.

33 million mobile numbers leaked

Update to the latest app versions - beware of phishing attacks

 

“Twilio has discovered that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. We have taken measures to secure this endpoint and no longer allow unauthenticated requests.

 

We have not seen evidence that the threat actors gained access to Twilio's systems or other sensitive data," the company sums up. It is unknown exactly how many accounts are affected, but it is therefore about 33 million mobile numbers.

 

We have not seen evidence that the threat actors gained access to Twilio's systems or other sensitive data.

 

As a precaution, we ask that all Authy users update to the latest Android and iOS apps for the latest security updates. Even if Authy accounts are not compromised, threat actors may try to use the phone number associated with Authy accounts for phishing and smishing attacks; we encourage all Authy users to be diligent and be more aware of the texts they receive.

 

Twilio

 

So what is "smishing?" IBM explains: “Smishing is a social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information or sending money to cybercriminals. The term "smishing" is a combination of "SMS" - or "short message service", the technology behind text messages - and "phishing".

 

The company encourages updating to the latest Android and iOS versions for security improvements and bug fixes. Twilio encourages anyone who cannot access their account to contact the service department.

 

In another Authy case, we reported in February that the company shut down its programs for Windows and macOS, so users had to move to the mobile apps by March this year.

Sponsored Ads:

Comments:


windows-blue-background-06-02-25.png

New Microsoft script updates Windows media with bootkit malware fixes

Category: Microsoft|Feb 6, 2025 | Author: Admin
Microsoft_Office-05-02-25.png

This Microsoft Office Standalone license deal comes with AI improvements

Category: Microsoft|Feb 5, 2025 | Author: Admin
7-zip-red-bright-04-02-25.png

7-Zip MotW bypass exploited in zero-day attacks against Ukraine

Category: IT|Feb 4, 2025 | Author: Admin
Microsoft_Defender-03-02-25.jpg

Microsoft kills off Defender 'Privacy Protection' VPN feature

Category: Microsoft|Feb 3, 2025 | Author: Admin
back-pypi-02-02-25.png

PyPI adds project archiving system to stop malicious updates

Category: IT|Feb 2, 2025 | Author: Admin
ai-cybersecurity-hacker-01-02-25.png

Google says hackers abuse Gemini AI to empower their attacks

Category: IT|Feb 1, 2025 | Author: Admin
Chromium-headpic-31-01-25.png

Microsoft improves text contrast for all Windows Chromium browsers

Category: Microsoft|Jan 31, 2025 | Author: Admin
Google_Chrome-30-01-25.png

New Syncjacking attack hijacks devices using Chrome extensions

Category: Google|Jan 30, 2025 | Author: Admin
Google-Chrome-29-01-25.png

Google to kill Chrome Sync on older Chrome browser versions

Category: Google|Jan 29, 2025 | Author: Admin
Microsoft-28-01-25.png

Microsoft gives OpenAI some breathing room

Category: Microsoft|Jan 28, 2025 | Author: Admin
Windows-11-27-01-25.png

Windows 11 24H2 preview brings new taskbar features

Category: Microsoft|Jan 27, 2025 | Author: Admin
paypal-26-01-25.png

PayPal to pay $2 million settlement over 2022 data breach

Category: IT|Jan 26, 2025 | Author: Admin
zyxel-25-01-25.png

Zyxel warns of bad signature update causing firewall boot loops

Category: IT|Jan 25, 2025 | Author: Admin
windows-blue-background-24-01-25.png

Microsoft to deprecate WSUS driver synchronization in 90 days

Category: Microsoft|Jan 24, 2025 | Author: Admin
Pwn2Own_Tokyo_headpic-23-01-25.png

Tesla EV charger hacked twice on second day of Pwn2Own Tokyo

Category: IT|Jan 23, 2025 | Author: Admin
more