Authy, a two-factor authentication (2FA) service used by Twilio, was accessed by attackers after compromising the provider of programmable communication tools Twilio.
Researchers say the Twilio data breach is part of a larger campaign of cyberattacks targeting more than 300 organizations.
According to Twilio, the attackers who gained access to its infrastructure on August 4 were also able to access the accounts of 93 Authy users and linked devices to those accounts.
Although Twilio stated that the compromised Authy accounts belong to individual users and represent only a small fraction of the total of 75 million users, the 93 compromised users mean that the attackers were able to access the 2FA codes generated for the Authy users’ accounts.
Twilio revealed that 163 Twilio users whose data was accessed by the attackers for a limited period of time were notified by the company of the unauthorized access.
To protect their accounts, users are asked to review any linked account(s) for suspicious activity, review all devices connected to their Authy accounts, and add a backup device while disabling “Allow Multi-device” in the Authy application.
The sources for this piece include an article in BleepingComputer.