Twilio’s recent network intrusion aided the hackers in accessing the data of 125 Twilio customers and companies, including end-to-end encrypted messaging app Signal, after tricking employees into handing over their corporate login credentials and two-factor codes.
Recently hackers targeted Twilio by duping employees into handing over their passwords.
The attackers then used the stolen credentials to access some of its internal systems, where they could access specific customer data.
Cybersecurity company Group-IB says the attack on Twilio was part of a broader campaign by the hacking group it’s calling “0ktapus,” a reference to how the hackers predominantly target organizations that use Okta, Inc (NASDAQ: OKTA) as a single sign-on provider.
Group-IB found that most targeted companies are headquartered in the U.S. or have U.S.-based staff. The attackers have stolen at least 9,931 user credentials since March.
Group-IB notes that the attacker first targeted mobile operators and telecommunications companies and “could have collected the numbers from those initial attacks.”
The corporate victims included “well-known organizations,” most of which provide IT, software development, and cloud services. The threat actors also targeted 13 organizations in the finance industry, seven retail giants, and two video game organizations.
Price Action: TWLO shares traded higher by 1.82% at $74.24 on the last check Thursday.
Photo via Wikimedia Commons
See more from Benzinga
Don't miss real-time alerts on your stocks - join Benzinga Pro for free! Try the tool that will help you invest smarter, faster, and better.
© 2022 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.