Twilio was hacked during a massive phishing campaign

According to Twilio, while remaining anonymous, the hackers convinced several of the company’s employees to hand over their corporate credentials, allowing them to gain access to the company’s internal systems.

During the attack, unknown people used phishing SMS messages that allegedly came from the IT department of Twilio. They said that the password of the employees had expired or the work schedule had changed, so the attackers tried to lure the victim to a web address controlled by themselves

Twilio said the attackers included words like “Okta” and “SSO” in the messages to make them look more believable. The company said it has already contacted US carriers to stop phishing emails and hosting providers to block malicious URLs.

However, according to Twilio, the hackers were not immediately stopped. The attackers continued the mailing, changing telecom operators and hosting providers.

A company representative declined to say how many customers were affected and what data the attackers had access to. However, Twilio’s privacy policy states that the information it collects includes addresses, billing and personal information, and IP addresses.

The company said it revoked access to hacked accounts after the attack and trained employees to be prepared for social engineering attacks. Twilio has already contacted affected customers.

Twilio was hacked during a massive phishing campaign

khaledagn

Leave a Reply Cancel reply

Top Cybersecurity Tools for Linux: Strengthen Your Defense Arsenal

Two Men Charged for Selling Fentanyl on the Dark Web

The admin of Flugsvamp 2.0 Darkweb Marketplace is Still Internationally Wanted

Press ESC to close

Share Article:

Cisco has fixed a dangerous vulnerability that exposes the RSA key

Leave a Reply Cancel reply