Twilio data breach gets a whole lot worse as it confirms hackers accessed Authy user phone numbers


The recent data breach affecting Twilio may have taken a rather unfortunate extra turn after new reports claim the hackers can single out Authy users from the archives.

The infamous ShinyHunters hacking collective recently said it stole 33 million phone numbers from Twilio, and the company has now revealed that the attackers were able to determine which of those phone numbers are used for its Authy service. For those unfamiliar with Authy, it is a popular multi-factor authentication (MFA) tool, which Twilio acquired back in 2015.

Read more…
Source: MSN News


Sign up for our Newsletter


Related:

  • Victoria: Simmering anger from firies over cyber attack details

    September 5, 2024

    Two years on from a cyber attack firefighters say their systems are not fully restored and they still do not know if their information was leaked. Victoria’s fire service says it continues to update the workforce about a cyber attack, but the firefighting union is fuming, saying it is still in the dark over the incident ...

  • Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data

    September 4, 2024

    Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening ...

  • City of Columbus sues researcher for sharing leaked ransomware data

    September 3, 2024

    The City of Columbus, Ohio, has taken legal action against a security researcher who shared leaked data from a ransomware attack against the city with members of the news media. A lawsuit filed last week alleges that the actions of software development consultant David Leroy Ross Jr., who also goes by Connor Goodwolf, risks “irreparable harm” ...

  • Northern Ireland: Police Ombudsman sorry for ‘distressing’ data leak as investigation is launched

    September 1, 2024

    An investigation has been launched after a data breach led to the details of current and former Police Ombudsman staff members being accidently released. The Police Ombudsman (PONI) has apologised for the data leak incident involving 160 current and former staff. A document containing some of their personal details was “inadvertently released” to 22 people who ...

  • A million airport parking customers affected in huge data breach

    August 31, 2024

    A million Park’N Fly customers have had their sensitive data stolen after the company suffered a cyberattack. The news was confirmed in a data breach notification letter sent out by the company, which noted the threat actors accessed the company’s IT infrastructure in July 2024 using stolen VPN credentials. The crooks stole people’s full names, email ...

  • UK: Watchdog reprimands Labour following data breach

    August 29, 2024

    The information watchdog has formally reprimanded the Labour Party for failing in its data protection duties following a cyber attack. More than 150 complaints were made to the Information Commissioner’s Office (ICO) about the handling of inquiries about personal data, known as Subject Access Requests (SARs). An investigation revealed the problem developed in part because an ...