News Hub

Cloud platform Twilio target of successful social engineering hack

Written by Fri 12 Aug 2022

Employees at the cloud communications platform, Twilio recently fell victim to a sophisticated social engineering attack that made some customer data available to hackers.

A number of staff received personalised text messages that cyber criminals sent which impersonated Twilio’s IT department, with login credentials then being entered on a fake login page.

The messages asked employees to change their passwords and included a fraudulent link that contained the keywords “Twilio”, “Okta”, and “SSO” in an effort to make these links look genuine. Once login credentials had been collected, hackers used these to gain access to sensitive systems.

“As the threat actors were able to access a limited number of accounts’ data, we have been notifying the affected customers on an individual basis with the details. If you are not contacted by Twilio, then it means we have no evidence that your account was impacted by this attack,” the company said in a recent blog post addressing the breach.

Twilio has not made the extent of the breach public and has mentioned that there is an ongoing investigation. As the text messages originated from US carrier networks, the company has been able to work with these firms to “shut down the actors”, and has partnered with hosting service providers to stop the malicious links from causing any more damage.

It’s not just Twilio that was subjected to this form of attack, with the company also hearing from other businesses who faced similar attacks. Based on the initial attack and research, Twilio believe that these attacks were organised by sophisticated actors, especially because the hackers were able to connect staff names with phone numbers, making the attack even more dangerous.

As soon as Twilio discovered the attack, its security team revoked access to the compromised accounts and engaged a forensics firm to work on the investigation into what exactly happened in the attack.

Written by Fri 12 Aug 2022


cybercrime data hacking security
Send us a correction Send us a news tip