Hackers Gain Access To Authy 2FA Accounts In Twilio Breach

Share post:

Authy, a two-factor authentication (2FA) service used by Twilio, was accessed by attackers after compromising the provider of programmable communication tools Twilio.

Researchers say the Twilio data breach is part of a larger campaign of cyberattacks targeting more than 300 organizations.

According to Twilio, the attackers who gained access to its infrastructure on August 4 were also able to access the accounts of 93 Authy users and linked devices to those accounts.

Although Twilio stated that the compromised Authy accounts belong to individual users and represent only a small fraction of the total of 75 million users, the 93 compromised users mean that the attackers were able to access the 2FA codes generated for the Authy users’ accounts.

Twilio revealed that 163 Twilio users whose data was accessed by the attackers for a limited period of time were notified by the company of the unauthorized access.

To protect their accounts, users are asked to review any linked account(s) for suspicious activity, review all devices connected to their Authy accounts, and add a backup device while disabling “Allow Multi-device” in the Authy application.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways