Twilio, which offers communication tools to customers, admitted it has experienced a smishing cyber attack that witnessed siphoning of employee credentials leading to fraudulent access to customer accounts.
The cloud-based company stated in its fresh statement that a small portion of customers might have had their information stolen in the incident. And all the affected will be notified about the incident and how should they react to the incident.
According to sources familiar with the matter and would like to be anonymous, Twilio’s IT department employees received text messages on their phones stating an update to their accounts that needs a password reset. The message contained a link that directed them to a sign-in page of the company, but was a digital trap to harvest their account details.
As the URL mentioned in the link had words such as Twilio, Okta, and SSO, it tricked the users into entering the credentials, leading to unauthorized access to internal servers and data theft.
Though the company did not mention when the smishing attack occurred, it agreed that on August 4th of this year, its customer details were stolen.
Prima facie conducted by the law enforcement later revealed that the attack was a part of a larger campaign that even stuck a US telecom carrier, a hosting provider, and a software firm last month.
Twilio has reemphasized on keeping their employees aware of the attack vectors prevailing in the current cyber landscape and has issued advisories to shield themselves from such type of social engineering attacks.
NOTE- Facebook and Uber are among the list of 150,000 corporate customers of Twilio.