Twilio’s investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices.
Authy is a two-factor authentication (2FA) service from Twilio that allows users to secure their online accounts where the feature is supported by identifying a second time via a dedicated app after typing in the login credentials.
When logging into an account with 2FA enabled, Authy will provide an additional one-time passcode required to login. This protects the account from being accessed even if the login credentials are compromised.
Read more…
Source: Bleeping Computer