Authy Customers Urged to Keep Alert After Hack Exposes 33 Million Cellphone Numbers – Uplaza

Twilio has up to date its Authy two-factor authentication (2FA) service after a hacker claimed to have retrieved 33 million cellphone numbers from its consumer database.

TechCrunch experiences that the hacker(s) generally known as ShinyHunters took to a widely known hacking discussion board to boast concerning the theft of 33 million cellular phone numbers, achieved by what Twilio described as the usage of an “authenticated endpoint.”

The U.S. messaging big confirmed this week that “threat actors” gained entry to its servers, ensuing within the theft of customers’ cellphone numbers, but it surely didn’t specify what number of had been accessed. The corporate mentioned it had taken motion to safe the exploit and stop comparable future unauthenticated requests.

“We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data,” mentioned the corporate in a weblog submit. “While Authy accounts are not compromised, threat actors may try to use the phone number associated with Authy accounts for phishing and smishing attacks; we encourage all Authy users to stay diligent and have heightened awareness around the texts they are receiving.”

As Twilio notes, acquiring an inventory of cellphone numbers could not seem in itself to pose a extreme safety menace. Nevertheless, attackers may conceivably contact customers and declare to be Authy or Twilio representatives to be able to get them to disclose private info as a part of a phishing marketing campaign.

Customers ought to replace to the newest model of the iOS app, accessible on the App Retailer. Twilio additionally advises customers who can’t entry their Authy account to contact its assist staff instantly.

Firstly of the 12 months, Authy introduced that it was shutting down its Mac and Linux desktop apps in August 2024, however ended up bringing the date ahead. The apps had been subsequently killed off in March.