Security News > 2022 > August > Twilio breach let hackers gain access to Authy 2FA accounts

Twilio breach let hackers gain access to Authy 2FA accounts
2022-08-26 16:20

Twilio's investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices.

Authy is a two-factor authentication service from Twilio that allows users to secure their online accounts where the feature is supported by identifying a second time via a dedicated app after typing in the login credentials.

Because of this, it is vital to secure your Authy account, as if hackers gain access to it, they can logon to your compromised account.

On Thursday, Twilio announced that the threat actor that gained access to its infrastructure on August 4 has also accessed accounts of 93 Authy users and linked devices to those accounts.

For those 93 users, the hackers would have been able to access the 2FA codes generated for the Authy users' accounts.

In previous updates on the incident, Twilio said that the breach impacted 125 customers, as hackers were able to access their authentication information.


News URL

https://www.bleepingcomputer.com/news/security/twilio-breach-let-hackers-gain-access-to-authy-2fa-accounts/