Twilio, a leading tech giant headquartered in San Francisco and operating worldwide, has revealed that the company’s employee and customer accounts have been compromised.
The company has revealed that ‘on August 4, 2022, Twilio became aware of unauthorised access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. This broad-based attack against our employee base succeeded in fooling some employees into providing their credentials. The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data. We continue to notify and are working directly with customers who were affected by this incident. We are still early in our investigation, which is ongoing’.
Jamie Moles, Senior Technical Manager, ExtraHop, commented on the news: “Attackers don’t need to be sophisticated and smart when users are willing to click on links from unsolicited emails and SMS messages. They continue to leverage phishing attacks because clearly they still work. While scammers prey on the trusting element of human nature, organisations should also think about how their technology investments support their education and awareness efforts. It’s time to think beyond the prevention box when it comes to phishing. Organisations spend about 75% of their security budgets on prevention tools. Yet we all know that it is only a matter of time before a breach occurs.
“We know that motivated, sophisticated cybercriminals can gain access to nearly any organisation. Smart defenders should have a defensive playbook around the midgame, where the attacker pivots through an organisation’s infrastructure, taking actions that can alert the team to the intrusion — command and control communications, data staging and lateral movement — before they’re able to access, exfiltrate or encrypt critical data.”
More on the news can be found here.