Twilio Suffers Phishing-Based Data Breach – IT Security Guru

Twilio, the communications giant, has confirmed that hackers gained access to customer data after successfully tricking employees into handing over their corporate login credentials.

The San Francisco-based company, which lets users build voice and SMS capabilities, such as two-factor authentication (2FA), into apps, said it became aware on August 4 that someone had gained “unauthorized access” to information related to certain Twilio customer accounts. The findings were published in a blog post on Monday 9.

Twilio has more than 150,000 corporate customers, including Uber and Facebook.

The threat actor has not yet been identified.

The attack used phishing text messages claiming to be from Twilio’s IT department, suggesting employees’ passwords had expired or their schedules had changed. The text advised the target to log in using the provided spoofed web address.

Twilio said these texts appeared legitimate and used specific jargon that companies use to secure access to their internal applications, such as “SSO”. Twilio said it worked with US carriers to stop malicious messages, as well as registrars and hosting providers to shut down malicious URLs used in the campaign.

The blog post added: “Despite this response, threat actors continued to spin carriers and hosts to resume their attacks. Based on these factors, we have reason to believe that threat actors are well-organized, sophisticated, and methodical in their actions.”

It has not yet been revealed how many customers were affected or what data was stolen.

The communications giant said that since the attack it has revoked access to employees’ compromised accounts and increased its security training to ensure employees are on “high alert” for similar social engineering attacks. Affected customers are being contacted individually.

Erfan Shadabi, cybersecurity expert at comforte AG, said: “Many of the data breaches we have seen over the past few months have human error lurking in their history. trust in order to obtain sensitive information or data, such as login credentials, credit card details or other personally identifiable information.

“One of the best approaches to mitigating such attacks is to adopt the Zero Trust framework.”
