
Twilio Announces a Data Breach Following an Employee Phishing Attack

2022-08-10 | Vinchin Official


Twilio, a provider of cloud communications, says that some of its customers' data was accessed by criminals who broke into its internal systems after acquiring employee login information through an SMS phishing attack.

The San Francisco-based communications giant said in a notice published Monday that it “became aware of unauthorized access” to some customer information on August 4. To gain that access, the criminals tricked a number of Twilio employees into handing over login information that grants access to the business’ internal systems.

They pretended to be Twilio’s IT department and asked employees to visit URLs that contained keywords such as “Okta” and “SSO” (single sign-on, used to secure access to internal applications) in order to look legitimate. Employees of Twilio were lured into clicking the embedded links in the SMS phishing messages by being told that their passwords had either expired or were about to be changed.


Twilio added that it worked with U.S. carriers to stop the messages and with hosting providers to shut down the fraudulent URLs, and that it joined forces with others who were subjected to the same attacks to defend against the threat. It also revoked access for the compromised employee accounts and warned other employees of the incident.

However, cyber criminals seemed undeterred by the response and continued their cyberattacks by switching between carriers and hosting companies.

Twilio’s director refused to disclose more information when asked how many employee accounts were compromised in the phishing attack and how many customers were affected by the data breach. According to the company’s privacy policy, the customer data it holds includes addresses, payment information, IP addresses and, occasionally, identity documentation.

Update: 125 customers were affected by the data breach incident but no password was stolen, according to the status update on the Twilio website.


Cyberattacks today are more sophisticated than ever, and attackers disguise themselves as authoritative sources such as banks, senior management, professionals, and many more. How to prevent attacks like the one above is a main concern for companies. Given the constantly growing internet threats facing businesses, a strong security solution is vital.

Staff Training: Preparing your employees to confront devious cyber threats is worth the effort. Malicious emails or text messages from senders masquerading as someone in your company and asking for personal details often seem legitimate to an untrained eye. So, check links before clicking them and check the sender's address on received email. Using double authentication for logging in to crucial systems is another safeguard. Last but not least, report suspicious links or activities to the IT department.
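The link check described above can be partly automated. The following is an added example, not code from Twilio or Vinchin: it flags links in a message that use the lure keywords reported in the Twilio incident ("Okta", "SSO") but whose host is not one of the organisation's own sign-in domains. The domain `acme.example` and the sample messages are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

# Keywords the article says the lure URLs used to look legitimate.
LURE_KEYWORDS = {"okta", "sso"}
# Assumption: the organisation's genuine sign-in domain (placeholder).
ALLOWED_DOMAINS = {"acme.example"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def host_is_allowed(host):
    """True only for an allowed domain or one of its subdomains."""
    host = host.rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)


def suspicious_links(message):
    """Return (url, host, keywords) for keyword-bearing links off the allowlist."""
    findings = []
    for raw in URL_RE.findall(message):
        url = raw.rstrip(".,;:!?)")  # drop sentence punctuation glued to the link
        try:
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
        except ValueError:  # malformed authority, e.g. a broken IPv6 literal
            continue
        # Compare whole tokens so "lessons" does not match "sso".
        tokens = set(re.split(r"[^a-z0-9]+", (host + parts.path).lower()))
        hits = sorted(LURE_KEYWORDS & tokens)
        if hits and not host_is_allowed(host):
            findings.append((url, host, hits))
    return findings


# Constructed sample messages, not taken from the incident.
SAMPLE_SMS = [
    "ALERT: your Acme password has expired. Sign in at https://acme-sso.example/reset.",
    "IT notice: confirm your schedule at https://acme.example@okta-login.example/a",
    "Reminder: reset your password via https://sso.acme.example/reset",
    "Lunch menu: https://lessons.example/menu",
]

if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        for url, host, hits in suspicious_links(sms):
            print(f"FLAG {host} keywords={hits} url={url}")
```

The second sample shows why the check parses the URL instead of searching the raw text: the trusted name sits in the userinfo part before `@`, while the real host is the lookalike.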

Software and Firewall Update: Weaknesses in old software versions are like cracks in an eggshell that cybercriminals can exploit. Keep your software, systems, and firewalls updated and resilient so that known weaknesses are closed.

Strong Passwords and Strict Access: Passwords can still prevent unknown visitors from accessing the system, but using the same one everywhere is dangerous. Using different strong passwords that combine letters, numbers and special characters, and changing them periodically, will protect your data against potential internet threats. Separating staff rights from admin rights for installing software and accessing certain data also contributes to data security.

Data Backup and Disaster Recovery: To avoid serious downtime, data loss, and financial damage, you need to back up your data for disaster recovery. A complete and reliable backup solution should be easy to use, quick to back up, and responsive in disaster recovery. Vinchin Backup & Recovery is a versatile and well-integrated solution combining easy backup, anti-ransomware data protection, and data recovery.

Effortless VM Backup: With CBT-driven incremental backup, data reduction technologies, and mail warnings on programmable backup schedules through LAN, LAN-Free, and other specific transmission modes, you can increase the effectiveness of your backups. Then, centrally manage these jobs with progress information via a single administrative interface.


Backup Storage Protection: The software's real-time I/O monitoring detects and denies any previously unidentified abnormal access requests, ensuring that only the Vinchin backup server is permitted to access the backup storage, to fight against insidious ransomware attacks or phishing attacks like that of Twilio.


Instant Recovery Backed by Offsite Backup Copy: The 15s instant recovery feature restores a compromised workload to operation in a matter of seconds for virtually seamless business continuity and minimal system interruption.



Conclusion

Stories of companies paying hefty fines or even going out of business because of a straightforward system breach are well known. Ransomware and phishing attacks are only two examples of the numerous hazards that exist today, and ignoring these risks could cost you a lot. Prevention is crucial, and you can start with data backup using the free trial of Vinchin Backup & Recovery now for peace of mind.
