News

Twilio, the developer of the two-factor authentication (2FA) app Authy, confirmed that Following , Twilio confirmed in a security alert that " , including phone numbers, due to an unauthenticated endpoint". Using the unauthenticated endpoint, the hackers (or hacker), known as ShinyHunters, would input phone numbers and then see which would come back as being associated with Authy. and no longer allows unauthenticated requests. Twilio added that there is no evidence that the threat actors obtained access to its systems or other sensitive data. The company recommends for the latest security updates. Twilio cautions that threat actors might use the phone numbers for phishing and smishing attacks, and urges users to be vigilant. This is not the first time that a data breach hit Twilio. Two years ago, hackers managed to after successfully phishing several employees.  Source: via