Digital Forensics Dispatch

Twilio Data Breach Occurred through Smishing

August 11, 2022

Recently, Mathew Schwartz of Bankinfo Security, wrote about the Twilio data breach. Twilio, a “customer engagement platform provider” writes Schwartz, disclosed a data breach on Sunday (August 7).  Twilio found that the attackers had been conducting the attack for over a week and had tricked employees into providing them with usernames and passwords.

Twilio has hired a third-party forensics firm to conduct a review of their systems to see what data was potentially accessed by the attackers, as well as to identify customers affected. The breach is interesting because the method of access in this case was through smishing.

If you are unaware of what smishing is, check out “Beware! Phishing Text Messages Soar in Volume and Sophistication” by Sensei’s President Sharon Nelson. 

The attackers utilized some social engineering to convince their targets that the messages they were receiving were legitimate. The messages reportedly contained information about Twilio and Okta, and they designed a webpage that looked like the Twilio user sign-on page. The users who clicked on the URL contained in the message were taken to the imposter page where their credentials were harvested by the attackers, allowing them access to Twilio’s systems.

Twilio’s investigation is still ongoing, and they haven’t fully identified the scope of the breach. Data breaches happen every day, and if you’re not training your employees on what to watch out for then it’s only a matter of time before you may find yourself a victim of a data breach.

Email:    Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensic