Overview

• Twilio detected the breach through an unauthenticated API endpoint, which has since been secured.
• The stolen data includes phone numbers but no other sensitive information from Twilio's systems.
• Users are advised to update their Authy apps on Android and iOS for the latest security patches.
• Authy users should be vigilant against potential phishing and smishing attacks.
• Previous breaches in 2022 also targeted Twilio, compromising employee credentials and Authy accounts.