Twilio has up to date its iOS Authy two-factor authentication app following a hack that reportedly noticed 33 million cellphone numbers being stolen.
Now Twilio, developer of the app, has confirmed in a weblog put up that it was hacked, in what it says was a restricted manner. With out saying how many individuals had been affected, the corporate says the hack was confined to telephone numbers.
“We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data,” says the corporate. “While Authy accounts are not compromised, threat actors may try to use the phone number associated with Authy accounts for phishing and smishing attacks; we encourage all Authy users to stay diligent and have heightened awareness around the texts they are receiving.”
Twilio says that the hack used what it describes solely as an “unauthenticated endpoint.” The corporate has now stopped permitting such unauthenticated requests, and says it has secured this specific endpoint.