Authy got hacked, and 33M user phone numbers were stolen
Twilio updates Authy app after hack exposes 33 million phone numbers. No compromise to Authy accounts or sensitive data. Users urged to update iOS app, beware of phishing attacks. Twilio enhances security measures.
Read original article
Authy, a two-factor authentication app, has been updated by Twilio after a hack resulted in the theft of 33 million cellphone numbers. The company confirmed the hack was limited to phone numbers and did not compromise Authy accounts or sensitive data. Twilio has addressed the issue by securing the affected endpoint and urging users to update their iOS app. While the exact number of affected users remains undisclosed, TechCrunch reports the theft of 33 million phone numbers. Twilio advises users to be cautious of potential phishing and smishing attacks using stolen phone numbers. Users experiencing account access issues are encouraged to contact Twilio's support team. The company has taken steps to prevent unauthorized access and enhance security measures following the incident.
Related
ID verification service for TikTok, Uber, X exposed driver licenses
A cybersecurity researcher found AU10TIX's admin credentials exposed online, risking data breach for TikTok, Uber users. Concerns rise over ID verification services' vulnerability to cyberattacks, emphasizing the need for enhanced security measures.
Identity Verification Used by X, TikTok, and Uber Exposed Driver's Licenses
An identity verification firm, AU10TIX, exposed login credentials, risking access to sensitive data like driver's licenses. Despite claims of prompt revocation, functional credentials were found. AU10TIX partners with major platforms.
How MFA is falling short
Multi-factor authentication (MFA) faces challenges from cyber attackers exploiting weaknesses. Breaches despite VPN, SSO, and Google Authenticator usage show risks like phishing, vishing, and Man-In-The-Middle attacks. Recent developments include "Tycoon 2FA" targeting Microsoft 365 and Gmail accounts, emphasizing the need for stronger authentication methods.
Microsoft Alerts More Customers to Email Theft in Expanding
Microsoft alerts more customers about email theft post-Midnight Blizzard hack by Russian government. Stolen emails accessed, shared with affected organizations for transparency. Ongoing attack used for planning further attacks. Assistance provided to mitigate risks.
Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio confirms data breach leaking 33 million phone numbers linked to Authy app. No evidence of system access or sensitive data compromise. Users advised to update security settings as precaution against phishing.
2 commentsRelated
ID verification service for TikTok, Uber, X exposed driver licenses
A cybersecurity researcher found AU10TIX's admin credentials exposed online, risking data breach for TikTok, Uber users. Concerns rise over ID verification services' vulnerability to cyberattacks, emphasizing the need for enhanced security measures.
Identity Verification Used by X, TikTok, and Uber Exposed Driver's Licenses
An identity verification firm, AU10TIX, exposed login credentials, risking access to sensitive data like driver's licenses. Despite claims of prompt revocation, functional credentials were found. AU10TIX partners with major platforms.
How MFA is falling short
Multi-factor authentication (MFA) faces challenges from cyber attackers exploiting weaknesses. Breaches despite VPN, SSO, and Google Authenticator usage show risks like phishing, vishing, and Man-In-The-Middle attacks. Recent developments include "Tycoon 2FA" targeting Microsoft 365 and Gmail accounts, emphasizing the need for stronger authentication methods.
Microsoft Alerts More Customers to Email Theft in Expanding
Microsoft alerts more customers about email theft post-Midnight Blizzard hack by Russian government. Stolen emails accessed, shared with affected organizations for transparency. Ongoing attack used for planning further attacks. Assistance provided to mitigate risks.
Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio confirms data breach leaking 33 million phone numbers linked to Authy app. No evidence of system access or sensitive data compromise. Users advised to update security settings as precaution against phishing.