This attack on Twilio, one of the biggest US-based communication companies, has led millions to question where their personal information is safe today.
The entire tech ecosystem is in question yet again with the ever-increasing number of social engineering and phishing scams. Over two hundred and seventy thousand customers were left with no clue as to what to do next. This social engineering attack came to notice in the first week of August 2022, when the company's employees received phishing texts. The texts were crafted to look genuine and included terms like "Twilio", "Okta" and "SSO" so that recipients would not think twice before opening the malicious link sent to their mobile phones. These text messages even originated from U.S. network carriers. Twilio then got in touch and worked with the U.S. carriers to shut these down.
The threat actors succeeded in fooling some employees into providing their credentials, which made it easy for them to retrieve customers' information from the company's systems.
The company revealed that the threat actors were so well-organized, sophisticated, and methodical that even after Twilio contacted the hosting providers, network carriers, and others to take down the malicious links, the actors were still able to carry on with the phishing attack.
Many other companies experienced the same kind of social engineering attacks around the same time. These attacks were complex and advanced, which made them even harder to fight.
Twilio initially revealed that the data of only 125 customers was accessed by malicious actors for a short period of time, a figure that later changed to 163 Twilio customers. The company promised personal assistance to each of them. It further stated that, after extensive research, it could not find any evidence that customer passwords, authentication tokens, or API keys had been accessed without authorization, which came as a relief to Twilio customers.
In the last week of August, Twilio stated that 93 out of a total of 75 million Authy user accounts were also caught up in this attack. In February of 2015, Twilio had announced the acquisition of Authy, a leading provider of two-factor authentication. After this update on the ongoing attack, Twilio said that it had reviewed each of the affected accounts and worked with the respective users to address any queries. It removed all unauthorized devices tied to the Authy accounts that the users did not recognize.
The company's investigation is still ongoing, but there has been no further update to date.