Skip to content
cybersecurityTechnology

Phishing attack widens, Twilio reveals additional affected parties

Uncovered 163 affected individuals by the disclosure of communications and identity verification company.

 and  Administrator
2 min read
Wider disclosure of affected individuals as Twilio reveals an escalating phishing attack's impact
Wider disclosure of affected individuals as Twilio reveals an escalating phishing attack's impact

Phishing attack widens, Twilio reveals additional affected parties

In a troubling turn of events, a sophisticated phishing attack on Twilio's two-factor authentication service has been revealed. The attack, part of a larger campaign known as Oktapus, has targeted 169 unique domains and resulted in the compromise of more user data than initially estimated.

The phishing attack, first observed on August 4, has since been contained, with no further instances of unauthorized access reported since August 10. The attack has affected more customers than initially thought, with the number of affected users now standing at 1,900 from Signal and an additional 163 customers of Twilio. Twilio has also identified another group of 93 victims on its Authy service.

The attack has resulted in the revelation of phone numbers or verification codes of the affected users. However, the group behind the attack remains unnamed in available search results. Reports have linked a bulletproof hosting provider, Stark Industries Solutions Ltd., to Kremlin-backed cyberattacks and other malicious activities, but it is not clear if this group was responsible for the Twilio phishing attack.

Threat actors behind Oktapus have compromised approximately 10,000 user credentials across 136 organizations. In response to the attack, Twilio has made multiple internal security improvements to bolster its defences and prevent future attacks.

All of the victims identified in the Twilio breach have been notified. Threat actors successfully registered additional devices to the 93 Authy accounts identified by Twilio, but the company has taken steps to secure these accounts and protect its users.

The investigation into the Twilio breach remains ongoing, with Twilio continuing to work closely with law enforcement agencies and other security experts to understand the full extent of the attack and identify the perpetrators.

Despite the setback, Twilio remains committed to providing secure and reliable services to its customers. The company continues to prioritize the safety and security of its users and is taking every necessary step to ensure the protection of their data.

In these times of increasing cyber threats, it is more important than ever for companies like Twilio to remain vigilant and proactive in their efforts to protect user data. By taking swift action and making necessary improvements, Twilio is demonstrating its commitment to its users and its dedication to maintaining the highest standards of security.

Read also:

Related

Latest