Oktapus Attack On Twilio Exposes Data Of 163 Companies | Cyber Security Hub – Cyber Security Hub

Oktapus attack on Twilio exposes data of 163 companies | Cyber Security Hub – Cyber Security Hub

The phishing attack that led to a data breach for communications company Twilio has led to 163 companies, each with hundreds of customers of their own, being affected by the breach.
The breach, now referred to as Oktapus by researchers, involved a targeted phishing attack against Twilio employees to gain unauthorized access to Twilio’s servers and its customer data. The breach was discovered on 4 August.
The communications platform disclosed in an update on the attack that it has identified 163 Twilio customers whose “data was accessed without authorization for a limited period of time”. In addition 93 users of the two-factor authentication app Authy, which Twilio owns, saw their accounts accessed and additional devices registered by the bad actors. Twilio has since notified all users that had their accounts accessed and has removed all unauthorized devices.
A number of companies have reported that their customer data was compromised during the breach, including messaging app Signal, who reported 1,900 users may have had their phone numbers revealed to hackers, with some users directly targeted.
Food delivery company DoorDash said that a “small percentage of individuals whose data is maintained by DoorDash” had their personal data including name, email address, delivery address and phone number. In addition, a smaller number of customers had their “basic order information and partial payment card information” accessed during this data breach.
Since its attack, Twilio has said it enforced “a number of additional measures internally to protect against these attacks”, including “hardening security controls at multiple layers”. While Twilio says that malicious actors have continued to launch attacks, they have not seen any suspicious activity since 10 August. 
September 07 – 08, 2022
Free CS Hub Online Event
14 September, 2022
Online
September 18 – 20, 2022
Dallas, TX
27 September, 2022
Online
October 18 – 20, 2022
Free CS Hub Online Event
November 02 – 03, 2022
Free CS Hub Online Event
Insights from the world’s foremost thought leaders delivered to your inbox.
2022-09-27
02:00 PM – 03:00 PM GMT
2022-09-14
10:00 AM – 11:00 AM SGT
2022-08-25
10:00 AM – 11:00 AM BST
Reach Cyber Security professionals through cost-effective marketing opportunities to deliver your message, position yourself as a thought leader, and introduce new products, techniques and strategies to the market.
Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.
Cyber Security Hub, a division of IQPC

Careers With IQPC| Contact Us | About Us | Cookie Policy
Become a Member today!

We respect your privacy, by clicking ‘Subscribe’ you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.

source


Leave a Comment

Leave a Reply

Your email address will not be published.

Download New Kali Linux 2022.3 – HackRead

Rising at 17.80% CAGR, Cyber Security in Healthcare Market Share to Reach USD 32.9 Billion, Globally by 2028: Comprehensive Research Report by Facts & Factors – GlobeNewswire

Northern Michigan University Makes First Cyber Security Symposium Free to the Public – keweenawreport.com

Singtel Readies $300 Million Sale of Cyber Security Arm Trustwave, Sources Say – Bloomberg