Twilio, a communication tool provider, has confirmed that a data breach that occurred in July had more implications than previously recognized. The same malicious actors that compromised the firm in July were also responsible for a breach the month prior that exposed customer information, the company says. The firm released an incident report that was concluded earlier this week and focuses mainly on the data breach incident. The attackers sent hundreds of smishing text messages to the mobile phones of current and former Twilio employees during the attack.
The attackers posed as IT administrators or Twilio employees, managing to trick some recipients into clicking password reset links. The links then transported the victim to fake Okta login pages that harvested credentials. The credentials were later used by the attackers to access internal administrative tools, apps, and customer information. The same threat actors were responsible for another phishing attempt, Twilio says, that occurred over the phone. Customers whose information was impacted were notified over the summer.
Read More: Twilio Reveals Further Security Breach