Beware: Twilio Hackers Leak Data, Put Crypto Users on Alert

The Twilio Authy data breach has significant implications for the security of crypto users, exposing them to phishing attacks.

Guy getting a headache from Twilio Hackers.
Created by Kornelija Poderskytė from DailyCoin
  • Twilio confirms breach, leading to 33 million phone number leaks.
  • Exposed data could lead to phishing attacks against crypto users.
  • Users should disable the multi-device function. 

The security of digital assets has always been a critical concern in the cryptocurrency world. As the industry has become a prime target for cybercriminals, robust security measures need to be in place. However, sometimes these protective measures can themselves be exploited. 

Most recently, Twilio has confirmed a major data breach affecting its widely-used Authy app. The app is popular for two-factor authentication (2FA) for crypto exchanges like Binance, Gemini, and Crypto.com. 

Twilio Hack Targets 33M Authly Users, Many in Crypto

Crypto users are on alert after a recent hack revealed information about popular 2FA app users. On Thursday, July 4, Twilio confirmed a data breach of its app Authly, affecting 33 million people. The culprits, known as ShinyHunters, boasted about their devious actions on BreachForums. The exposed data included phone numbers and account IDs but reportedly did not contain personal details.

Sponsored

Authly is a 2FA app popular with crypto users. It supports 2FA authentication on multiple crypto platforms and exchanges, including Binance and Gemini. Moreover, US-based crypto.com specifically recommended Authly for its users. 

Authly guide for setting up 2FA on multiple crypto exchanges.
Source: Authly

Twilio emphasized that no evidence suggested the hackers had accessed their internal systems or obtained other sensitive data. However, they did advise users to take action to protect themselves from future scams or hacks. 

What Users Need to Do After the Authly Hack

Twilio advised all Authly users to immediately do the following steps to prevent potential privacy breaches and financial losses: 

Sponsored

  1. Update Security Settings: Ensure that your Authy app and other security applications are updated to the latest versions.
  2. Disable Multi-Device Functionality: This prevents unauthorized access to 2FA tokens, even if the phone number is compromised.
  3. Be Vigilant Against Phishing Attacks: Phone number leaks often lead to phishing attacks, where criminals pose as trusted entities to scam their victims. Users should be vigilant of any unsolicited messages or calls requesting personal information or login credentials.

By following these steps, Authly users can greatly reduce the risks of scammers taking advantage of them.    

On the Flipside

  • Phishing attacks are becoming increasingly common in crypto. For instance, in April, scammers used phishing ads to target Etherscan users
  • While phishing is common, scammers get the most money from “spear phishing,” targeting specific, high-value targets.  

Why This Matters 

While the Authly hack did not reveal sensitive information, it did expose users to potential phishing. Users need to stay vigilant over potential future scams coming their way. 

Read more about phishing and other types of scams in crypto: 
Types of Crypto Scams: Common Cryptocurrency Scams You Need to Watch Out for

Read more about the new memecoin basket index: 
Memecoins Get New BitMEX Basket Index for Simpler Trading

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
David Marsanic

David Marsanic is a journalist for DailyCoin who covers the intersection of crypto, traditional finance, and government. He focuses on institutionalized crypto entities like major cryptocurrency exchanges and Solana, breaking down complex topics into easy-to-understand writing. David's prior experience as a business journalist at various crypto and traditional news sites has enabled him to maintain a critical approach to news while adhering to high journalistic integrity standards.