August 29, 2022

IT Pro: Signal confirms 1,900 of its users were hit by Twilio breach

In the last few days, the encrypted messaging platform, ‘Signal’ confirmed a variety of their customers fell victim to the phishing attack on Twilio. It is estimated that 1,900 were affected by the breach via phone number and SMS verification links to “reset passwords” on a phony Twilio link. By posing as Twilio’s IT dept, the hackers were able to obtain victim’s login credentials. Unfortunately, it is still unclear who was behind this attack. Cloudflare also revealed they were subjected to a phishing attack around the very same time as Twilio, but was not breached as an end result owing to the corporation-vast use of hardware-centered, FIDO2-compliant multi-factor authentication (MFA) keys.

MORE FIDO in the News


NZZ Magazine: The end of the password search

Apple is not cooking up its own security soup when...

September 23, 2022

UploadMagazin: Passkeys and FIDO: The future without passwords explained

The future without passwords is explained in this German feature...

September 16, 2022

Security Insider: What is FIDO?

This piece in a top tier German security magazine offers...


Help Net Security: IoT: The huge cybersecurity blind spot that’s costing millions

This contributed byline from Andrew Shikiar, executive director and CMO...

Download Authn Specs
Sign up for updates!Get news from FIDO Alliance in your inbox.

By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.