Cyber Threat Radar – Cryptocurrency enthusiasts are being vigilant following a recent data breach that exposed details of users of Twilio’s 2FA application.
The perpetrators called ShinyHunters, proudly shared their malicious activities on BreachForums. The compromised information consisted of phone numbers and account IDs, although it was stated that no personal information was disclosed.
33M People Affected By Data Breach
Last week, cloud communications company Twilio confirmed the data breach of its app Authly, affecting 33 million people:
- Twilio has detected that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. We have taken action to secure this endpoint and no longer allow unauthenticated requests.
- We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data. As a precaution, we are requesting that all Authy users update to the latest Android and iOS apps for the latest security updates. While Authy accounts are not compromised, threat actors may try to use the phone number associated with Authy accounts for phishing and smishing attacks; we encourage all Authy users to stay diligent and have heightened awareness around the texts they are receiving.
2FA App Popular Among Cryptocurrency Enthusiasts
Authly, a popular 2FA app among cryptocurrency enthusiasts, enables 2FA authentication across various crypto platforms and exchanges such as Binance and Gemini. Additionally, the US-based crypto.com has endorsed Authly as the preferred choice for its users.
Twilio stressed that there was no indication that the hackers had breached their internal systems or acquired any confidential information. Nevertheless, they recommended that users take steps to safeguard themselves against potential scams or security breaches.
“The Authly hack may not have disclosed sensitive data, but it did put users at risk of falling victim to phishing attempts,” commented Tim Jenkins, Head of Cyber Defense Research, SentryBay. “It is crucial for users to remain alert for any possible scams in the future. Although acquiring a list of phone numbers may not seem like a severe breach, it still has the potential to endanger the individuals associated with those numbers. Using just a list of exposed user phone numbers, threat actors can impersonate Authy/Twilio to the users, making a phishing attack on that phone number more convincing.”