Communications giant Twilio hacked

Communications company Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials.

Twilio has more than 150,000 corporate customers, including Facebook and Uber.

The San Francisco-based firm, which allows users to build voice and SMS capabilities — such as two-factor authentication (2FA) — into applications, said in a blog post published Monday that it became aware that someone gained “unauthorized access” to information related to some Twilio customer accounts on Aug 4.

According to Twilio, the as-yet-unidentified hacker convinced multiple Twilio employees into handing over their credentials, which allowed access to the company’s internal systems.

The attack used SMS phishing messages that purported to come from Twilio’s IT department, suggesting that the employees’ password had expired or that their schedule had changed, and advised the target to log in using a spoofed web address that the attacker controls.

The firm said that the attackers sent these messages to look legitimate, including words such as “Okta” and “SSO,” referring to single sign-on, which many companies use to secure access to their internal apps.

Twilio reported since the cyberattack, it has revoked access to the compromised employee accounts and has increased its security training to ensure employees are on “high alert” for social engineering attacks. The company said it has begun contacting affected customers on an individual basis.

In the same time, a massive data breach compromised nearly 100,000 doctors, nurses, and other healthcare professionals working at major hospitals across the United States.