Twilio, the developer of the two-factor authentication (2FA) app Authy, has confirmed in an official statement that data has been leaked from the application. The Authy developer admitted that an attacker has obtained the phone numbers of a whopping 33 million Authy users. It’s also said that not only phone numbers but all data provided by users during registration has fallen into the hands of hackers.
Two-factor authentication apps have seen a decrease in trust
Twilio suffered a major hack by unidentified cyber attackers. It has been officially confirmed that they gained access to data associated with Authy accounts, particularly phone numbers. The company acknowledged that attackers obtained phone numbers but stated there is currently no evidence of access to their own systems or other sensitive data.
This hack attack on the application has brought serious risks for its users. The attackers now know users’ phone numbers, that they use 2FA, and specifically prefer Authy.
What should you do if you’ve used Authy?
Twilio, the app’s developer, advises all Authy users to update to the latest version of the app and to be cautious of suspicious SMS messages. Users of the app may receive phishing attempts via messages or calls from now on.
This hack attack raises serious questions about the trust users place in companies claiming to secure their cyber security. Recently, in another incident, profile photos from a widely used authentication service used by many tech giants were stolen.
What are your thoughts on this hack attack? Have you used the app before? Feel free to share your opinions with us in the comments section.