Published , by Donovan Erskine
Published , by Donovan Erskine
A hacker group came forward last week claiming to have stolen the phone numbers of millions from Twilio, a communications company. Now, Twilio has confirmed the data breach, stating that the hacker group specifically breached Authy, the two-factor authentication service, stealing the phone numbers of 33 million users.
Twilio confirmed the data breach in a statement to TechCrunch. “We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data,” wrote spokesperson Kari Ramirez. “As a precaution, we are requesting all Authy users to update to the latest Android and iOS apps for the latest security updates and encourage all Authy users to stay diligent and have heightened awareness around phishing and smishing attacks.”
Twilio notified users of the data breach in a security alert on its website. The company says the breach happened “due to an unauthenticated endpoint.” They also state that they’ve taken steps to prevent such a breach from happening again in the future.
If you use Authy, you should follow Twilio’s advice and update your mobile app. If there are any updates to this story, we’ll be sure add that information to this article.