Attackers Break Into Twilio Customer Data Via Phishing Attack

Share post:

Cloud communications company Twilio has confirmed a data breach in which attackers stole customer data via a text message phishing attack.

According to the company, the attackers gained access to its systems after tricking and stealing the credentials of several employees.

To carry out the attack, the threat actors impersonated Twilio’s IT department and asked them to click on URLs with “Twillo,” “Okta,” and “SSO” keywords. Twilio’s employees were tricked into clicking on the embedded links after being warned that their passwords had expired and needed to be changed.

“The text messages originated from U.S. carrier networks. We worked with the U.S. carriers to shut down the actors and worked with the hosting providers serving the malicious URLs to shut those accounts down,” Twilio said.

While the attackers are yet to be identified, the company said the problem has been reported to law enforcement and investigations are ongoing.

Twilio has revoked the employee accounts compromised during the attack in order to block the attackers from accessing its systems.

“As the threat actors were able to access a limited number of accounts’ data, we have been notifying the affected customers on an individual basis with the details,” Twilio said.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways