The customer engagement company identified and disclosed another Twilio Data Breach incident in June 2022 orchestrated by the same threat actors behind the August which resulted in unauthorized access of customer data.
This cybersecurity incident occurred on June 29, 2022 said in a their recent security advisory shared this week.
“In the June Twilio Data Breach incident, a Twilio employee was socially engineered through voice phishing (or ‘vishing’) to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers,” said Twilio.
The company didn’t disclose the exact number of customers impacted by this security incident, and why the disclosure was made four months since the event occurred. Around 209 customers, up from 163 it reported on August 24th and 93 Authy users.
Twilio is a personalized customer engagement software with around 270,000 customers and the 2FA service has approximately 75 million total users.
“The last observed unauthorized activity in our environment was on August 9, 2022,” it said, adding, “There is no evidence that the malicious actors accessed Twilio customers’ console account credentials, authentication tokens, or API keys.”
To avoid such incidents in the future, the firm has distributed FIDO2-compliant hardware security keys to all employees, with an extra layer of control within its VPN, and mandatory security training for employees to enhance the awareness of social engineering attacks.
The Twilio Data Breach attacks has been claimed by Group-IB and Okta under the names Oktapus and Scatter Swine. The attackers sent rogue messages and called employee phones numbers to trick them into clicking fake links and extorting credentials for further exploitation.
Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.
You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.
Discover the best log management tools for efficient system management and monitoring. Learn about the…
Taking remote of devices and managing them will make thing simple for IT admins. In…
In 2024, the Unified Endpoint Management Software market will continue to evolve and here are…
Explore the top 5 threat intelligence tools, their features, and how they enhance cybersecurity against…
Explore the top 5 best Microsoft Intune alternatives, comparing key features, user reviews, and capabilities…
Recast Software offers a suite of tools designed to enhance and simplify endpoint management in…