US-based cloud communications company Twilio has admitted a data breach in which hackers entered its internal systems after stealing employee credentials in an SMS phishing attack.
Twilio said it identified 125 customers who had their data accessed during a security breach.
“We have identified approximately 125 Twilio customers whose data was accessed by malicious actors for a limited period of time, and we have notified all of them,” Twilio said in a statement.
Twilio, which owns the popular two-factor authentication (2FA) app Authy, said over the weekend that on August 4 it became aware of unauthorised access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.
“The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data,” it said in a statement.
According to Bleeping Computer, the SMS phishing messages “baited Twilio’s employees into clicking the embedded links by warning them that their passwords had expired or were scheduled to be changed”.
Twilio later revoked the compromised employee credentials to block the attackers’ access to its systems.
The company also asked several US mobile carriers to shut down the accounts used to deliver the phishing messages, the report mentioned.