Security News > 2022 > August > Cloudflare employees also hit by hackers behind Twilio breach

Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack similar to the one that led to Twilio's network being breached last week.

Although the attackers got their hands on Cloudflare employees' accounts, they failed to breach its systems after their attempts to log in using them were blocked since they didn't have access to their victims' company-issued FIDO2-compliant security keys.

"Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare's employees," Cloudflare explained on Tuesday.

"While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications."

Unlike Cloudflare, the company said the attackers were able to access some of its customers' data after breaching internal systems using stolen employee credentials in an SMS phishing attack.

"We have heard from other companies that they, too, were subject to similar attacks, and have coordinated our response to the threat actors - including collaborating with carriers to stop the malicious messages, as well as their registrars and hosting providers to shut down the malicious URLs," Twilio said.

News URL

https://www.bleepingcomputer.com/news/security/cloudflare-employees-also-hit-by-hackers-behind-twilio-breach/