Tag: $1,900,
Save $1,900: Free iPad, Apple Watch, and Beats if you upgrade to a 5G iPhone
Signal alerts 1,900 messaging users to a security threat from Twilio hackers
A data breach earlier this month affecting Twilio, a gateway that helps web platforms communicate over SMS or voice, may have had repercussions for users of Signal, the encrypted messaging platform. Today, Signal announced it has alerted 1,900 users that their accounts were potentially revealed to whoever hacked Twilio and said that the attackers searched for three specific numbers during the time they had access.
So far, Signal says it has heard from one of those three users that the attackers used their Twilio access to re-register a new device associated with their number, which would allow them to send and receive messages from that account.
According to Signal, “message history, contact lists, profile information, whom they’d…
Signal says third-party data breach exposed 1,900 phone numbers
Signal’s reputation for secure messaging doesn’t make it completely invulnerable to hacking incidents. The company has confirmed that a data breach at verification partner Twillio exposed the phone numbers and SMS codes of roughly 1,900 users. As TechCrunchobserved, the intruder could have either used the information to either identify Signal users or re-register their numbers to other devices.
The data has already been misused. The culprit searched for three phone numbers, and re-registered the account of one user. Signal doesn’t store chat histories or contacts online, so the breach shouldn’t have revealed other sensitive details.
Signal is taking steps to limit the damage. It will unregister the app on all devices linked to affected accounts, forcing users to re-register. The team also recommended enabling a registration lock that bars anyone from re-registering on other devices without providing a PIN code.
Twilio revealed the breach on August 8th. The currently unidentified perpetrators used phishing scams to obtain login details and access the accounts of 125 customers. Although it’s not clear which other customers were affected, Twilio typically serves large companies and organizations.
The attack increases pressure on Signal to join other encrypted messaging providers in moving away from phone numbers, which can be vulnerable to SIM swaps and other digit-based schemes. This is also a reminder that systems are only as secure as their technology partners — a slip at a third-party is sometimes as dangerous as a direct assault.
Ethereum (ETH) Price Drops Below $1900 Despite Successful Merge Test
Over 1,900 block-producing nodes in the Solana ecosystem, new report reveals
Solana released its first “Validator Health Report” post-wallet hack, which reveals 3,400 validators across six different continents.