AWAH-Twilio
On this installment of "Another Week, Another Hack" we're talking about Twilio. More importantly, we're talking about the Twilio data breach and massive lay offs that transpired this week.
Twilio, for those of you who don't know, is an engagement platform that partners with multiple big named corporate entities.
Unfortunately, the communications giant announces that hackers were successfully obtaining employee login credentials to access client data. Even worse, this week the company lays off 11% of their work force.
Let's get into it.
The Data Breach
Twilio is a San Fransisco based company that enables customers to integrate voice and SMS capabilities - like two-factor authentication (2FA) - into their own applications.
They became aware of "unauthorized access" to data pertaining to Twilio client accounts on August 4th.
Twilio acknowledged that malicious actors acquired the data of 125 customers, although they did not reveal what information was taken.
According to Twilio's privacy policy, the data they collect includes addresses, payment information, IP addressed, and, in certain situations, identity documentation.
A data breach is so dangerous is because Twilio does business with more than 150,000 corporations, including Facebook and Uber. Their client data can lead to numerous businesses becoming a target for cyber abuse.
The still unknown threat actor was able to trick a number of Twilio employees into providing company login credentials. Credentials that allow them access to the business' internal systems.
How This Happens to a Massive Company
Threat actors using techniques like SMS phishing to message employees acting as Twilios internal IT team.
The tactic includes suggesting to employees that their passwords were about to expire or that there was a change in their schedule.
Actors prompted these employees to log into a phony web address where the hacker was able to take control. According to Twilio, the attackers used terms like "Okta" and "SSO," which stand for single sign-on, to make the messages appear authentic.
Many companies use this approach to safeguard access to their internal apps. (Earlier this year, Okta experienced a breach that granted hackers access to its internal systems.) In addition to working with registrars and hosting companies to take down the fraudulent URLs used in the campaign, Twilio said it collaborated with American carriers to stop the fake messages.
However, the hackers remain determine.
Despite Twilios efforts, the threat actors were able to switch between carriers and hosting providers to continue their attacks.
We have to assume these bad actors are well-organized, smart and deliberate in their operations so far. The same group of hackers were the ones setting up fake web pages, impersonating other businesses, including a U.S. internet provider, an outsourced IT company and a massive customer service provider.
Since the hack, Twilio has cracked down on security, revoking access to any affected accounts and ramped up their security awareness training to make sure staff members are on "high-alert" for social engineering attempts.
The Lay Offs
Quickly following this massive breach of data, Twilio has made the decision to lay off over 11% of its workforce. This means the $14 Billion company will say goodbye to 800-900 employees.
It is still unclear whether the data breach further led to the lay off of staff.
Twilio CEO, Jeff Lawson, makes the announcement that Twilio was growing too fast and in order to be profitable, these lay offs are necessary.
Many of those affected by this decision took to LinkedIn to express their thoughts on the lay offs.
We will start seeing repercussions in the next coming months. Having a massive data breach that impacted 163 clients and publicly laying off over 800 employees may negatively impact public perception of Twilio.
Protect Your Business
This is why it is so important that ALL businesses take the time to provide cybersecurity training to their staff. Ongoing training that occurs several times during the year will significantly improve the security of your business. It takes one employee that provides information to a phishing email to let bad actors into an entire network.
Don't let your business fall victim to hackers, get help today securing your network. We can help!
What do you think about the Twilio data breach and massive lay offs?
Check out our recent YouTube video where we talk about The Top 5 Situations that Call for an MSP. If you require cybersecurity assistance to help your business defend against unprecedented data leaks,, feel free to book a time to chat with us via the Calendly link below. I'd be happy to discuss ways to optimize your company's IT.
Click here to schedule a free 15-minute meeting with Stan Kats, our Founder and Chief Technologist.
STG IT Consulting Group proudly provides IT Service for Small to Medium Businesses in Greater Los Angeles. We'd love to see if we can help you too!
