Security News > 2022 > August > Cloudflare employees also hit by hackers behind Twilio breach
Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack similar to the one that led to Twilio's network being breached last week.
Although the attackers got their hands on Cloudflare employees' accounts, they failed to breach its systems after their attempts to log in using them were blocked since they didn't have access to their victims' company-issued FIDO2-compliant security keys.
"Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare's employees," Cloudflare explained on Tuesday.
"While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications."
Unlike Cloudflare, the company said the attackers were able to access some of its customers' data after breaching internal systems using stolen employee credentials in an SMS phishing attack.
"We have heard from other companies that they, too, were subject to similar attacks, and have coordinated our response to the threat actors - including collaborating with carriers to stop the malicious messages, as well as their registrars and hosting providers to shut down the malicious URLs," Twilio said.
News URL
Related news
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)