Twilio hack investigation reveals second breach, as the number of affected customers rises.
Cybercriminals are becoming more sophisticated in their approach, with Twilio becoming one of more than 130 organizations to fall victim to a large-scale VISHING and SMISHING campaign. The financial as well as emotional damage of such attacks can be extensive.
U.S. messaging giant Twilio confirmed it was hit by a second breach in June that saw cybercriminals access customer contact information.
Twilio said the “brief security incident,” which occurred on June 29, 2022, saw the same attackers socially engineer an employee through voice phishing, a tactic whereby hackers make fraudulent phone calls impersonating the company’s IT department in an effort to trick employees into handing over sensitive information. In this case, the Twilio employee provided their corporate credentials, enabling the attacker to access customer contact information for a “limited number” of customers.
“The threat actor’s access was identified and eradicated within 12 hours,” Twilio said in its update, adding that customers whose information was impacted by the June incident were notified on July 2, 2022.
When asked by TechCrunch, Twilio spokesperson Laurelle Remzi declined to confirm the exact number of customers impacted by the June breach and declined to share a copy of the notice that the company claims to have sent to those affected. Remzi also declined to say why Twilio has only just disclosed the incident.
“There is no evidence that the malicious actors accessed Twilio customers’ console account credentials, authentication tokens, or API keys,” Twilio said about the attackers, which maintained access to Twilio’s internal environment for two days between August 7 and August 9, the company confirmed.
The Twilio breach is part of a wider campaign from a threat actor tracked as “0ktapus,” which targeted at least 130 organizations, including Mailchimp and Cloudflare. But Cloudflare said the attackers failed to compromise its network after having their attempts blocked by phishing-resistant hardware security keys.
As part of its efforts to mitigate the efficacy of similar attacks in the future, Twilio has announced that it will also roll out hardware security keys to all employees. Twilio declined to comment on its rollout timeline. The company says it also plans to implement additional layers of control within its VPN, remove and limit certain functionality within specific administrative tooling, and increase the refresh frequency of tokens for Okta-integrated applications.
I am also using this shared hosting and writing this articles so everyone can be aware of frauds/ hacks/ problems. But a day will come when someone will also hack this site/contents and modify it or change it.
So I am suggesting whenever you ready this, never forget that “Don’t be in hurry, Don’t trust easily, Don’t follow anyone, Don’t believe everything you see or people stacks. It might be there are big roots but you can’t see as you don’t know until you become victim.”
Twilio hack investigation reveals second breach, as the number of affected customers rises
https://techcrunch.com/2022/10/28/twilio-june-data-breach/
The phishing attack on the SMS giant exposes the dangers of B2B companies to the entire tech ecosystem
https://www.wired.com/story/twilio-breach-phishing-supply-chain-attacks/
How To Protect Your Company From Smishing
Phishing Attacks Crushed Records Last Quarter, Driven by Mobile
https://www.darkreading.com/attacks-breaches/phishing-attacks-crushed-records-last-quarter
Hybrid Vishing Attacks Soar 625% in Q2
https://www.infosecurity-magazine.com/news/hybrid-vishing-attacks-soar-625-in/
