Twilio has confirmed a data breach affecting 33 million users.
A hacker group came forward last week claiming to have stolen the phone numbers of millions from Twilio, a communications company. Now, Twilio has confirmed the data breach, stating that the hacker group specifically breached Authy, the two-factor authentication service, stealing the phone numbers of 33 million users.
Twilio confirmed the data breach in a statement to TechCrunch. “We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data,” wrote spokesperson Kari Ramirez. “As a precaution, we are requesting all Authy users to update to the latest Android and iOS apps for the latest security updates and encourage all Authy users to stay diligent and have heightened awareness around phishing and smishing attacks.”
Twilio notified users of the data breach in a security alert on its website. The company says the breach happened “due to an unauthenticated endpoint.” They also state that they’ve taken steps to prevent such a breach from happening again in the future.
If you use Authy, you should follow Twilio’s advice and update your mobile app. If there are any updates to this story, we’ll be sure add that information to this article.
Donovan is a young journalist from Maryland, who likes to game. His oldest gaming memory is playing Pajama Sam on his mom's desktop during weekends. Pokémon Emerald, Halo 2, and the original Star Wars Battlefront 2 were some of the most influential titles in awakening his love for video games. After interning for Shacknews throughout college, Donovan graduated from Bowie State University in 2020 with a major in broadcast journalism and joined the team full-time. He is a huge Scream nerd and film fanatic that will talk with you about movies and games all day. You can follow him on twitter @Donimals_