One of the most trusted Authy 2FA apps was hacked, affecting a few people.
Twilio disclosed a data compromise in early August; threat actors accessed client data. The attackers hacked company networks using SMS phishing credentials.
Twilio provides web service APIs for making and receiving phone calls, sending and receiving text messages, and other communication services.
The corporation has 5,000 employees in 17 countries and $2.84 billion in 2021 sales. Twilio stated last week that threat actors accessed 93 Authy 2FA accounts.
Authy 2FA: How is it Happened
Twilio reported a compromise on August 4, 2022. Current and past workers got phishing SMS messages from Twilio’s IT department suggesting they needed to update their passwords. A link lead to a false Twilio login page. Hackers accessed Twilio’s internal systems with stolen credentials from at least one victim.
Since then, the organisation has been investigating whose services and consumers were affected and how to prevent such issues. LastPass’s source code was stolen, however no user data was revealed. Twilio has also focused “security training to ensure personnel are alert for social engineering assaults.”
Authy 2FA: Are Users protected?
Authy is also affected by the breach, but not many users. Only 93 Authy users out of 75 million were compromised, and bad actors added devices to the accounts via Twilio. The corporation uninstalled the unlawful devices and contacted the affected users.
How can you protect the security account now?
Authy suggests a simple fix to stop illegal device additions. If you use Authy, set up the app on one or two backup devices like your laptop or tablet, then block “Allow multi-device” in the app’s Devices settings.
This stops anyone, including you, from adding more devices. It’s crucial to have backup devices because regaining access to a lost or stolen phone might be difficult. You can re-enable “Allow multi-device” at any moment to add additional devices.
The data breach at Twilio seems to be part of a larger attack by hackers on at least 130 companies, including MailChimp, Klaviyo, and Cloudflare.
In earlier updates about the situation, Twilio said that 125 customers were affected by the breach because hackers got access to their authentication information.