Attackers Break Into Twilio Customer Data Via Phishing Attack

Cloud communications company Twilio has confirmed a data breach in which attackers stole customer data via a text message phishing attack.

According to the company, the attackers gained access to its systems after tricking and stealing the credentials of several employees.

To carry out the attack, the threat actors impersonated Twilio’s IT department and asked them to click on URLs with “Twillo,” “Okta,” and “SSO” keywords. Twilio’s employees were tricked into clicking on the embedded links after being warned that their passwords had expired and needed to be changed.

“The text messages originated from U.S. carrier networks. We worked with the U.S. carriers to shut down the actors and worked with the hosting providers serving the malicious URLs to shut those accounts down,” Twilio said.

While the attackers are yet to be identified, the company said the problem has been reported to law enforcement and investigations are ongoing.

Twilio has revoked the employee accounts compromised during the attack in order to block the attackers from accessing its systems.

“As the threat actors were able to access a limited number of accounts’ data, we have been notifying the affected customers on an individual basis with the details,” Twilio said.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web