Security News > 2022 > August > Twilio breach let hackers gain access to Authy 2FA accounts
Twilio's investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices.
Authy is a two-factor authentication service from Twilio that allows users to secure their online accounts where the feature is supported by identifying a second time via a dedicated app after typing in the login credentials.
Because of this, it is vital to secure your Authy account, as if hackers gain access to it, they can logon to your compromised account.
On Thursday, Twilio announced that the threat actor that gained access to its infrastructure on August 4 has also accessed accounts of 93 Authy users and linked devices to those accounts.
For those 93 users, the hackers would have been able to access the 2FA codes generated for the Authy users' accounts.
In previous updates on the incident, Twilio said that the breach impacted 125 customers, as hackers were able to access their authentication information.
News URL
Related news
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)