The recent data breach affecting Twilio may have taken a rather unfortunate extra turn after new reports claim the hackers can single out Authy users from the archives.
The infamous ShinyHunters hacking collective recently said it stole 33 million phone numbers from Twilio, and the company has now revealed that the attackers were able to determine which of those phone numbers are used for its Authy service. For those unfamiliar with Authy, it is a popular multi-factor authentication (MFA) tool, which Twilio acquired back in 2015.
Read more…
Source: MSN News
Related:
- Victoria: Simmering anger from firies over cyber attack details
September 5, 2024
Two years on from a cyber attack firefighters say their systems are not fully restored and they still do not know if their information was leaked. Victoria’s fire service says it continues to update the workforce about a cyber attack, but the firefighting union is fuming, saying it is still in the dark over the incident ...
- Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data
September 4, 2024
Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening ...
- City of Columbus sues researcher for sharing leaked ransomware data
September 3, 2024
The City of Columbus, Ohio, has taken legal action against a security researcher who shared leaked data from a ransomware attack against the city with members of the news media. A lawsuit filed last week alleges that the actions of software development consultant David Leroy Ross Jr., who also goes by Connor Goodwolf, risks “irreparable harm” ...
- Northern Ireland: Police Ombudsman sorry for ‘distressing’ data leak as investigation is launched
September 1, 2024
An investigation has been launched after a data breach led to the details of current and former Police Ombudsman staff members being accidently released. The Police Ombudsman (PONI) has apologised for the data leak incident involving 160 current and former staff. A document containing some of their personal details was “inadvertently released” to 22 people who ...
- A million airport parking customers affected in huge data breach
August 31, 2024
A million Park’N Fly customers have had their sensitive data stolen after the company suffered a cyberattack. The news was confirmed in a data breach notification letter sent out by the company, which noted the threat actors accessed the company’s IT infrastructure in July 2024 using stolen VPN credentials. The crooks stole people’s full names, email ...
- UK: Watchdog reprimands Labour following data breach
August 29, 2024
The information watchdog has formally reprimanded the Labour Party for failing in its data protection duties following a cyber attack. More than 150 complaints were made to the Information Commissioner’s Office (ICO) about the handling of inquiries about personal data, known as Subject Access Requests (SARs). An investigation revealed the problem developed in part because an ...