Twilio is the Cloud Communications Company. They are the latest to fall victim to a data breach.
The company recently disclosed that some of its customer data was accessed by unknown attackers who gained access to the system by stealing employee login credentials via an SMS phishing attack, known as 'Smishing,' for short.
The company's disclosure reads in part as follows:
"On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.
The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data."
The smishing attack succeeded because the attackers were able to convince company employees that the SMS messages they were receiving were coming from the company's own IT department. The messages contained URLs containing the keywords "Twilio," "SSO" and "Okta" which are commonly used by the company.
Unfortunately, if an employee tapped these links, they would not be taken to company resources but rather to a page that had been cloned to appear as a legitimate company sign in page.
Here, they received a message that their password had expired, and the employee was asked to enter their information as part of the process of changing it.
Naturally, this action did not change the employee's password, but it did hand it over to the hackers waiting on the other end.
Per a Twilio spokesman, the attackers were only able to access data belonging to a limited number of customers, and the company is currently in the process of reaching out to those who were impacted.
If you have a Twilio account and are not contacted, your data and your account should be fine. If you are contacted, Twilio will provide you with additional information at that time.
If this tip helps and you would like to donate click on the button. Thanks In Advance
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
