Home » Breaking Computer security Cyber Security data security Latest Cybersecurity News

Another Twilio data breach has been identified affecting 209 customers

William Marshal Posted On October 30, 2022
0


Twilio Data Breach

The customer engagement company identified and disclosed another Twilio Data Breach incident in June 2022 orchestrated by the same threat actors behind the August which resulted in unauthorized access of customer data.

This cybersecurity incident occurred on June 29, 2022 said in a their recent security advisory shared this week.

“In the June Twilio Data Breach incident, a Twilio employee was socially engineered through voice phishing (or ‘vishing’) to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers,” said Twilio.

The company didn’t disclose the exact number of customers impacted by this security incident, and why the disclosure was made four months since the event occurred. Around 209 customers, up from 163 it reported on August 24th and 93 Authy users.

More about the Twilio Data Breach incident

Twilio is a personalized customer engagement software with around 270,000 customers and the 2FA service has approximately 75 million total users.

“The last observed unauthorized activity in our environment was on August 9, 2022,” it said, adding, “There is no evidence that the malicious actors accessed Twilio customers’ console account credentials, authentication tokens, or API keys.”

Twilio data breach

To avoid such incidents in the future, the firm has distributed FIDO2-compliant hardware security keys to all employees, with an extra layer of control within its VPN, and mandatory security training for employees to enhance the awareness of social engineering attacks.

The Twilio Data Breach attacks has been claimed by Group-IB and Okta under the names Oktapus and Scatter Swine. The attackers sent rogue messages and called employee phones numbers to trick them into clicking fake links and extorting credentials for further exploitation.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.

Share the article with your friends




Author

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in the cybersecurity journalism. Apart from writing, he also like hiking, skating and coding.

You may also like
Top 9 Best Log Management Tools for 2025
September 20, 2025
Top 4 Remote Support Tools for 2025- Best Remote Support Solution
September 18, 2025
Top 5 Best Unified Endpoint Management (UEM) Software for 2025
September 12, 2025
Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.