Twilio Confirms Data Breach Exposing 33 Million Authy Users' Phone Numbers via API Endpoint

Jul 3, 2024, 09:11 PM

Twilio has confirmed a data breach that exposed the phone numbers of 33 million users of its two-factor authentication app, Authy. Hackers exploited an unsecured API endpoint to verify these phone numbers, potentially making users vulnerable to smishing and SIM swapping attacks. Twilio has urged users to update their Authy apps and stay vigilant against phishing attempts. The breach, reported by TechCrunch, has raised concerns about the security of multi-factor authentication services and the potential for tailored phishing attacks. Twilio's stock, $TWLO, may be impacted by this incident.