The communications giant Twilio confirmed that hackers they managed to gain access on customer data after defrauding employees with phishing attacks.
The San Francisco-based company, which allows users to integrate voice and SMS capabilities – such as control ταυτότητας δύο παραγόντων (2FA) – σε applications, said in a blog post Monday that someone with "unauthorized access" accessed information related to some Twilio customer accounts on Aug. 4.
Twilio has more than 150.000 large customers, including Facebook and Uber.
According to the company, the unknown hacker convinced several Twilio employees to provide their credentials, which allowed him to gain access to the company's internal systems.
For the attack χρησιμοποίησε SMS phishing που υποτίθεται ότι προέρχονταν από το τμήμα IT της Twilio. Τα μηνύματα ανέφεραν ότι ο κωδικός access of employees had expired and advised the target to log in using a fake web address that the attacker controlled.