Twilio’s investigation into the August 4 breach shows that the attackers registered unauthorised devices on Authy user accounts.
Authy is a two-factor authentication (2FA) service from Twilio that lets users safeguard online accounts supporting the feature by verifying their identity a second time through a dedicated app.
When 2FA is enabled, Authy generates a one-time passcode that is required at login, so a stolen username and password alone is not enough to gain access.
The service, which rivals Google Authenticator, synchronises 2FA tokens across all of a user’s registered devices.
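The breach matters because a synced 2FA token is just a shared seed: any device holding it computes the same codes. The following added example (not Twilio’s or Authy’s code; Authy’s own token format and sync protocol are not described on this page) implements standard RFC 4226 HOTP and RFC 6238 TOTP, verifies a code with a small clock-drift window, and shows that an unauthorised device registered onto the account produces exactly the same code as the legitimate one. The device names and the `codes_for_registered_devices` helper are constructed for illustration; the key is the RFC 4226/6238 test-vector key.

```python
import base64
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, dynamic truncation, mod 10^digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 6238 TOTP: HOTP where the counter is the number of `step`-second periods since the epoch."""
    return hotp(key, unix_time // step, digits, algo)


def verify_totp(key: bytes, code: str, unix_time: int, step: int = 30,
                digits: int = 6, window: int = 1) -> bool:
    """Server-side check: accept the current step and `window` steps either side of it
    (tolerates clock drift); compare in constant time to avoid leaking matched digits."""
    for drift in range(-window, window + 1):
        expected = hotp(key, unix_time // step + drift, digits)
        if hmac.compare_digest(expected, code):
            return True
    return False


def decode_seed(base32_seed: str) -> bytes:
    """Authenticator apps store the seed as base32 (the QR-code payload); tolerate spaces
    and missing '=' padding, which provisioning URIs commonly omit."""
    s = base32_seed.replace(" ", "").upper()
    s += "=" * (-len(s) % 8)
    return base64.b32decode(s)


# RFC 4226 / RFC 6238 test-vector key (ASCII "12345678901234567890").
RFC_TEST_KEY = b"12345678901234567890"


def codes_for_registered_devices(seed: bytes, devices: list, unix_time: int) -> dict:
    """Every device holding the synced seed yields the identical code at a given time.
    A device the attacker added to the account is cryptographically indistinguishable
    from the user's own phone; only the device list on the account reveals it."""
    return {device: totp(seed, unix_time) for device in devices}


if __name__ == "__main__":
    # Constructed device list: the user's phone plus a device added by an intruder.
    now = 59
    print(codes_for_registered_devices(RFC_TEST_KEY, ["users-phone", "attacker-added-device"], now))
    print(verify_totp(RFC_TEST_KEY, totp(RFC_TEST_KEY, now), now))
```

The practical takeaway for the recommendations later on the page: removing an unrecognised device from the account is what revokes the attacker's access, because nothing in the code itself distinguishes one seed holder from another.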
Twilio’s Authy accounts compromised
Twilio announced on Thursday that the August 4 threat actor also gained access to 93 Authy accounts and registered additional devices to them.
Twilio says the compromised Authy accounts belong to individual users and represent a minuscule fraction of its 75 million users.
As a result, the 2FA codes of those 93 users were accessible to the attackers.
It is not known whether the attackers specifically targeted these 93 Authy users.
The company has removed the unauthorised devices from the compromised accounts and notified the affected users with the following recommendations for protecting their accounts.
Review any associated accounts for unusual activity and contact their provider(s).
Remove any unrecognised devices from their Authy account.
Add a backup device and disable “Allow Multi-device” in the Authy app to prevent further unauthorised device additions; “Allow Multi-device” can be re-enabled temporarily whenever a new device needs to be added.
The cloud communications firm says the data of 163 Twilio customers was accessed for a limited period; those customers have also been notified of the unauthorised access.
The Twilio data breach appears to be part of a wider campaign that targeted 130 companies, including MailChimp, Klaviyo, and Cloudflare.
Twilio previously reported that 125 customers’ authentication information was compromised.