Security News > 2022 > August > Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users

Twilio, which earlier this month became a sophisticated phishing attack, disclosed last week that the threat actors also managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication service.

The communication tools company said the unauthorized access made it possible for the adversary to register additional devices to those accounts.

Authy, acquired by Twilio in February 2015, allows safeguarding online accounts with a second security layer to prevent account takeover attacks.

Twilio further noted its investigation as of August 24, 2022, turned up 163 affected customers, up from 125 it reported on August 10, whose accounts it said were hacked for a limited period of time.

"The threat actor used credentials previously stolen in phishing campaigns to trigger SMS-based MFA challenges, and used access to Twilio systems to search for one-time passwords sent in those challenges," Okta theorized.

Another supply chain victim of the campaign is food delivery service DoorDash, which said it detected "Unusual and suspicious activity from a third-party vendor's computer network," prompting the company to disable the vendor's access to its system to contain the breach.

News URL

https://thehackernews.com/2022/08/twilio-breach-also-compromised-authy.html