Bleeping Computer

Hackers abused API to verify millions of Authy MFA phone numbers

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS ...
Bleeping Computer

Twilio kills off Authy for desktop, forcibly logs out all users

Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application. In January, Twilio announced that the Authy desktop apps for Windows, macOS, and ...
Android Police

Twilio breach leaks over 30 million Authy-linked phone numbers

Karandeep Singh Oberoi is a Durham College Journalism and Mass Media graduate who joined the Android Police team in April 2024, after serving as a full-time News Writer at Canadian publication ...
SiliconANGLE

Twilio warns Authy users to update app following unauthenticated endpoint access

Cloud communications provider Twilio Inc. is asking Authy users to update their apps today after threat actors were able to identify data associated with Authy accounts through an unauthenticated ...
heise online

MFA app Authy: Countless phone numbers tapped via unsecured API

Twilio has reported that attackers have accessed data from Authy accounts. This is said to include the phone numbers of those affected. The attackers, who appear online as ShinyHunters, have ...
Android Authority

2FA hack reveals personal info on millions of people

Users of the Twilio Authy Authenticator app may have had their phone number exposed to hackers. While the leak exposed personally identifiable information, it did not directly compromise accounts.