Twilio Suffers Data Breach After Employees Fall Victim to this

• The URLs included words such as “Twilio,” “Okta,” and “SSO” (short for single sign-on) to increase the chance of success and redirected the victims to a phony website that impersonated the company’s sign-in page. It’s not immediately clear if the breached accounts were secured by 2FA protections.
• Twilio said the messages originated from U.S. carrier networks and that it worked with the telecom service and hosting providers to shut down the scheme and the attack infrastructure used in the campaign. The takedown efforts, however, have been offset by the attackers migrating to other carriers and hosting providers.
• “Additionally, the threat actors seemed to have sophisticated abilities to match employee names from sources with their phone numbers,” it noted.
• The San Francisco-based firm has since revoked access to the compromised employee accounts to mitigate the attack, adding it’s examining additional technical safeguards as a preventive measure.
• The disclosure arrives as spear-phishing continues to be a major threat faced by enterprises.

To learn more about on 24/7 monitoring, Contact CyberNX

Disclaimer: Opinions/viewpoints expressed in this blog are entirely personal to the author. Ronnie Rodrigues (CyberNX Technologies Pvt Ltd) has nothing to do with these contents and they are not liable for anything whatsoever