5 C
London
Friday, January 27, 2023

Twilio employees were tricked into a phishing scam…and some customers were affected

Must read

The US economy grew by 2.9 percent in December

Real gross domestic product (GDP) increased by 2.9 percent year-on-year in the fourth quarter of 2022. In the third quarter real GDP has...

In latest round of layoffs by tech majors, SAP cuts 2,900 jobs and IBM 3,900

European software giant SAP joined the parade of tech companies laying off staff, announcing on Thursday it would cut about 2,900 jobs after the...

Abi Monterey, Milly Shapiro’s sister; Is she known as Abigail Shapiro?

Abbie Monterey is an American actress known for appearing in the hit TV series, Doom patrol. She is also recognized as the sister...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Digital communications platform Twilio was hacked after a phishing campaign tricked its employees into revealing their credentials (through TechCrunch). The company disclosed the data breach in a post on his blog, noting that only “a limited number” of customer accounts were affected by the attack. Twilio enables web services to send text messages and make voice calls over telephone networks and is used by companies such as Uber, Twitter and Airbnb.

The hack took place on August 4 and involved a bad actor who sent text messages to Twilio employees asking them to reset their passwords or notifying them of a change in their schedule. Each message contained a link with keywords such as “Twilio,” “SSO” (single sign-on), and “Okta,” the name of the user authentication service used by many companies. The link led employees to a page that mimicked a real Twilio login page, allowing hackers to collect the information employees entered there.

After becoming aware of the breach, Twilio teamed up with US phone companies to shut down the texting scheme and also had web hosting platforms remove the fake login pages. Despite this, Twilio says hackers have managed to switch to new hosting and mobile carriers to continue their campaign.

“Based on these factors, we have reason to believe that the threat actors are well-organized, sophisticated and methodical,” added Twilio. “Socially manipulated attacks are – by their very nature – complex, sophisticated and built to challenge even the most sophisticated defenses.”

Twilio is working with law enforcement to find out who is responsible for the campaign and says it has also heard of companies that have been “victims of similar attacks”. Twilio has since cut off access to the compromised employee accounts and will also warn all customers affected by the breach.

Social engineering is becoming an increasingly common tactic for hackers. Earlier this year, a report by Bloomberg revealed that both Apple and Meta shared data with hackers posing as law enforcement officers. Last year, a hacker tricked a Robinhood customer service representative into revealing the information of more than 7 million customers.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

The US economy grew by 2.9 percent in December

Real gross domestic product (GDP) increased by 2.9 percent year-on-year in the fourth quarter of 2022. In the third quarter real GDP has...

In latest round of layoffs by tech majors, SAP cuts 2,900 jobs and IBM 3,900

European software giant SAP joined the parade of tech companies laying off staff, announcing on Thursday it would cut about 2,900 jobs after the...

Abi Monterey, Milly Shapiro’s sister; Is she known as Abigail Shapiro?

Abbie Monterey is an American actress known for appearing in the hit TV series, Doom patrol. She is also recognized as the sister...

Pelosi says it would be “really difficult” to view CCTV footage of the husband’s brutal assault

Former House Speaker Nancy Pelosi said Thursday she's not sure she'll watch the soon-to-be-released body camera video of an officer responding to the brutal...