Security News

Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards amd was ultimately unsuccessful.

Cloudflare says it was subject to a similar attack to one made on comms company Twilio last week, but in this case it was thwarted by hardware security keys that are required to access applications and services. According to Cloudflare, it recorded a very similar incident late last month, which could suggest the two attacks may have originated from the same attacker or group.

Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack similar to the one that led to Twilio's network being breached last week. Although the attackers got their hands on Cloudflare employees' accounts, they failed to breach its systems after their attempts to log in using them were blocked since they didn't have access to their victims' company-issued FIDO2-compliant security keys.

Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data.Apparently, Twilio employees were not the only ones targeted by these attackers.

Twilio confirmed a breach of the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack. Twilio said it first became aware of the breach on August 4, after current and former employees received text messages claiming to be from Twilio's IT department saying the employees' passwords were expired, or for some other reason they needed to log into a phony URL that looked like Twilio's sign-in page.

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend.