August 29, 2022

IT Pro: Signal confirms 1,900 of its users were hit by Twilio breach

In the last few days, the encrypted messaging platform, ‘Signal’ confirmed a variety of their customers fell victim to the phishing attack on Twilio. It is estimated that 1,900 were affected by the breach via phone number and SMS verification links to “reset passwords” on a phony Twilio link. By posing as Twilio’s IT dept, the hackers were able to obtain victim’s login credentials. Unfortunately, it is still unclear who was behind this attack. Cloudflare also revealed they were subjected to a phishing attack around the very same time as Twilio, but was not breached as an end result owing to the corporation-vast use of hardware-centered, FIDO2-compliant multi-factor authentication (MFA) keys.

Read the Article

MORE FIDO in the News

Tagesspiegel Background: Man against machine against man

The goal of cybersecurity should not be to become better...

December 8, 2023

IT Pro: Passkeys, a passwordless authentication solution supported by major tech companies, provide a secure alternative using public key cryptography

Built on the WebAuthentication standard, they eliminate traditional password challenges....

WSJ: 23andMe Hack Is a Wake-Up Call for Your Password Habits

The recent 23andMe breach, exposing personal information belonging to 6.9...

Medium: Exploring the World of FIDO: Life Without Passwords

The FIDO Alliance is a pioneer in digital security and...

IT Pro: Signal confirms 1,900 of its users were hit by Twilio breach

Categories

Document Authenticity (DocAuth) Certification Program for Remote Identity Verification