The recent data breach affecting Twilio may have taken a rather unfortunate extra turn after new reports claim the hackers can single out Authy users from the archives.
The infamous ShinyHunters hacking collective recently said it stole 33 million phone numbers from Twilio, and the company has now revealed that the attackers were able to determine which of those phone numbers are used for its Authy service. For those unfamiliar with Authy, it is a popular multi-factor authentication (MFA) tool, which Twilio acquired back in 2015.
Read more…
Source: MSN News
Related:
- I spy another mSpy breach: Millions more stalkerware buyers exposed
July 14, 2024
Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records.… mSpy showed up on Have I Been Pwned on July 11, with the site revealing hacktivists were responsible for the theft of millions of Zendesk support tickets from buyers unable to use the software. “Comprising ...
- Co-op cyber attack could be any number of things: Cyber security expert
July 12, 2024
Some stores are still dealing with problems on their shelves after a cyber attack against Federated Co-operatives Ltd. two weeks ago, but the company hasn’t said much about what’s going on. Co-op has kept customers updated as bits and pieces like cardlocks come back online, and this week when rumours began circulating about customers’ data being ...
- Gay furry hackers strike massive cyber attack against US far-right Project 2025
July 10, 2024
A collective of self-described “Gay furry hackers” called SiegedSec managed to hack into the right-wing Heritage Foundation affiliated with Project 2025 in a massive cyber attack. The hackers released two gigabytes of data, including Heritage Foundation member names, email addresses, passwords, and usernames. SiegedSec claimed responsibility for the hack on Telegram, sharing that they breached online ...
- Alleged breached data of Airport and Aviation Services Sri Lanka surfaces online
July 10, 2024
A recent post on the notorious cybercrime forum BreachForums claims that the Airport and Aviation Services Sri Lanka (AASL) has suffered a data breach. According to the post, the breached data contains approximately 7,083 records that include names, NICs, emails, passport numbers, and other sensitive data. Blurred screenshot of post alleging Airport and Aviation Services Sri ...
- ‘RockYou2024’: Nearly 10 billion passwords leaked online
July 8, 2024
On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value ...
- OpenAI breach is a reminder that AI companies are treasure troves for hackers
July 5, 2024
There’s no need to worry that your secret ChatGPT conversations were obtained in a recently reported breach of OpenAI’s systems. The hack itself, while troubling, appears to have been superficial — but it’s reminder that AI companies have in short order made themselves into one of the juiciest targets out there for hackers. The New York ...