Some Authy 2FA accounts were compromised in Twilio data breach

2FA firm Authy is the latest company revealed to have been impacted by the Twilio data breach. 

A company update spotted by TechCrunch outlined how the app, which is owned by Twilio, had seen details of 93 user accounts exposed.

Twilio, which provides customizable tools to build communications platforms, acquired Authy in 2005. The app has around 75 million users worldwide, making it one of the most popular two-factor authentication services around.

Authy attack

In its report on the incident, Twilio says the hackers were able to use the extra access gained from the initial attack to register additional devices to the 93 affected accounts.

The company says it has now identified and removed the "unauthorized devices” from these accounts, but that users should review their linked logins and look for signs of suspicious activity, as well as disabling the app’s “Allow Multi-device” option.

"Twilio believes that the security of our customers’ data is of paramount importance, and when an incident occurs that might threaten that security, we communicate what happened in a transparent manner," the company wrote. "To that end, we are providing an overview of this incident impacting customer information and our response."

The news comes after security-focused messenger app Signal had the details of over 1,900 users compromised as a result of its exposure to Twilio. 

Okta has also revealed that 38 Okta-related phone numbers were compromised via Twilio’s administrative portals, according to a data breach report by the company.

Group IB has said that 10,000 accounts at more than 130 organizations were impacted by the phishing campaign, including marketing companies Mailchimp and Klaviyo.

Russian-founded cybersecurity firm Group-IB Threat Intelligence attributed the Twilio data breach to a criminal group dubbed "0ktapus".

The group allegedly used 169 unique domains as part of a large-scale phishing campaign that has been operational since March 2022. 

According to the firm's research 0ktapus mainly targeted US-based companies, providing IT, software development, and cloud services, with the aim of getting the credentials needed to access private data, corporate emails, and internal documents.

Group IB's research said it was not yet clear if the attacks by 0ktapus were planned "end-to-end in advance or whether opportunistic actions were taken at each stage".

  • Need an extra layer of security? Check out the best antvirus software

Via TechCrunch



from TechRadar - All the latest technology news https://ift.tt/nhCg9lr
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us