Twillio reports final findings of ‘smishing’ incident

The American communication program company, Twillio, provided in its blog post the final findings of the cyber incident of 9 August 2022 that targeted its employees and customers. In August 2022, the company identified unauthorized access that stole employee credentials via phishing SMS and affected 209 customer accounts. Hackers pretended to be the IT team of the company, asking employees and customers to change their account passwords.  No evidence indicates that hackers accessed customer console account credentials, authentication tokens, or API keys. Twillio stated that it reset the credentials of the comprised accounts, revoked all active sessions associated with the compromised OKTA-integrated apps, blocked all indicators connected with the attack, and initiated takedown requests of fake accounts.