July 5th, 2024

Twilio breach leaks over 30M Authy-linked phone numbers

A data breach in Authy exposed 33 million phone numbers due to an unsecured API. No passwords were leaked, but users are urged to secure accounts with 2FA, watch for scams, and lock SIM cards. Twilio has improved security measures. Users should update the Authy app.

A recent data breach affecting the 2FA app Authy has exposed over 33 million phone numbers linked to the service. The breach was facilitated by an unsecured API endpoint, which allowed threat actors to collect the phone numbers. While no passwords were leaked, the exposed information could be used for SMS phishing attacks or SIM swap attempts. To protect against such threats, users are advised to secure their accounts with 2FA, be cautious of suspicious messages, and consider locking their SIM cards with a passcode. Twilio, Authy's parent company, has released updates to enhance security measures following the breach. Users should update their Authy app and remain vigilant against potential threats. The breach highlights the importance of maintaining strong security practices when using authentication apps to safeguard personal information from unauthorized access.

Related

ID verification service for TikTok, Uber, X exposed driver licenses

A cybersecurity researcher found AU10TIX's admin credentials exposed online, risking data breach for TikTok, Uber users. Concerns rise over ID verification services' vulnerability to cyberattacks, emphasizing the need for enhanced security measures.

Identity Verification Used by X, TikTok, and Uber Exposed Driver's Licenses

An identity verification firm, AU10TIX, exposed login credentials, risking access to sensitive data like driver's licenses. Despite claims of prompt revocation, functional credentials were found. AU10TIX partners with major platforms.

How MFA is falling short

Multi-factor authentication (MFA) faces challenges from cyber attackers exploiting weaknesses. Breaches despite VPN, SSO, and Google Authenticator usage show risks like phishing, vishing, and Man-In-The-Middle attacks. Recent developments include "Tycoon 2FA" targeting Microsoft 365 and Gmail accounts, emphasizing the need for stronger authentication methods.

Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers

Twilio confirms data breach leaking 33 million phone numbers linked to Authy app. No evidence of system access or sensitive data compromise. Users advised to update security settings as precaution against phishing.

Authy got hacked, and 33M user phone numbers were stolen

Twilio updates Authy app after hack exposes 33 million phone numbers. No compromise to Authy accounts or sensitive data. Users urged to update iOS app, beware of phishing attacks. Twilio enhances security measures.

1 comment
By @gnabgib - 5 months
Discussion (613 points, yesterday, 350 comments) https://news.ycombinator.com/item?id=40874341