The customer engagement company identified and disclosed another Twilio Data Breach incident in June 2022 orchestrated by the same threat actors behind the August which resulted in unauthorized access of customer data.
This cybersecurity incident occurred on June 29, 2022 said in a their recent security advisory shared this week.
“In the June Twilio Data Breach incident, a Twilio employee was socially engineered through voice phishing (or ‘vishing’) to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers,” said Twilio.
The company didn’t disclose the exact number of customers impacted by this security incident, and why the disclosure was made four months since the event occurred. Around 209 customers, up from 163 it reported on August 24th and 93 Authy users.
Twilio is a personalized customer engagement software with around 270,000 customers and the 2FA service has approximately 75 million total users.
“The last observed unauthorized activity in our environment was on August 9, 2022,” it said, adding, “There is no evidence that the malicious actors accessed Twilio customers’ console account credentials, authentication tokens, or API keys.”
To avoid such incidents in the future, the firm has distributed FIDO2-compliant hardware security keys to all employees, with an extra layer of control within its VPN, and mandatory security training for employees to enhance the awareness of social engineering attacks.
The Twilio Data Breach attacks has been claimed by Group-IB and Okta under the names Oktapus and Scatter Swine. The attackers sent rogue messages and called employee phones numbers to trick them into clicking fake links and extorting credentials for further exploitation.
Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.
You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.
Explore the top 5 best PAM Tools, market trends, and expert insights to secure the…
Explore the top solutions for Apple Device Management including to iOS Device Management and macOS…
Find the top 5 IAM software solutions, explore their features, and find the best tools…
MDM software is used to manage smartphones, tablets, laptops, kiosk devices and iPads and more.…
Discover the top 5 Scalefusion alternatives for MDM, offering better features, scalability, and integration for…
Compare Okta and OneLogin: a detailed guide on features, pricing, customer base, security, and more…