According to Twilio, while remaining anonymous, the hackers convinced several of the company’s employees to hand over their corporate credentials, allowing them to gain access to the company’s internal systems.

During the attack, unknown people used phishing SMS messages that allegedly came from the IT department of Twilio. They said that the password of the employees had expired or the work schedule had changed, so the attackers tried to lure the victim to a web address controlled by themselves

Twilio said the attackers included words like “Okta” and “SSO” in the messages to make them look more believable. The company said it has already contacted US carriers to stop phishing emails and hosting providers to block malicious URLs.

However, according to Twilio, the hackers were not immediately stopped. The attackers continued the mailing, changing telecom operators and hosting providers.

A company representative declined to say how many customers were affected and what data the attackers had access to. However, Twilio’s privacy policy states that the information it collects includes addresses, billing and personal information, and IP addresses.

The company said it revoked access to hacked accounts after the attack and trained employees to be prepared for social engineering attacks. Twilio has already contacted affected customers.