* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, October 24, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Johnny Depp Set To Finally Make His Big Hollywood Comeback After Amber Heard Controversy – Yahoo

    Johnny Depp Set for a Triumphant Hollywood Comeback Following Amber Heard Controversy

    ‘Chainsaw Man — The Movie: Reze Arc’ Review: Hit Manga Gets an Ultra-Violent, Surprisingly Emotional Big-Screen Adaptation – Yahoo

    Chainsaw Man – The Movie: Reze Arc Review: A Brutal and Unexpectedly Emotional Big-Screen Adaptation

    Reba McEntire Details Personal Relationship With Late Stepson Brandon Blackstock – KNDU

    Reba McEntire Shares Emotional Tribute to Her Late Stepson Brandon Blackstock

    Sacramento city leaders approve adding 2 entertainment zones in midtown – CBS News

    Sacramento City Leaders Approve Two Thrilling New Entertainment Zones in Midtown

    AMC brings first new Dolby Experience to Gwinnett since 2017 – Wyoming News Now

    AMC Launches First New Dolby Experience in Gwinnett Since 2017

    Hetzel Design: blending architecture and entertainment – Blooloop

    Hetzel Design: Where Architecture and Entertainment Unite in Perfect Harmony

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Project underway to upgrade technology on 911 towers in Kanawha County – WCHS

    Kanawha County Launches Major Upgrade to 911 Tower Technology

    Next steps: Technology opens new options for greater mobility – Missouri Independent

    Next Steps: How Technology is Opening Exciting New Doors to Greater Mobility

    Rydberg Technologies Inc. Announces Launch of Rydberg Photonics in Berlin – The Quantum Insider

    Rydberg Technologies Launches Exciting New Photonics Division in Berlin

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Johnny Depp Set To Finally Make His Big Hollywood Comeback After Amber Heard Controversy – Yahoo

    Johnny Depp Set for a Triumphant Hollywood Comeback Following Amber Heard Controversy

    ‘Chainsaw Man — The Movie: Reze Arc’ Review: Hit Manga Gets an Ultra-Violent, Surprisingly Emotional Big-Screen Adaptation – Yahoo

    Chainsaw Man – The Movie: Reze Arc Review: A Brutal and Unexpectedly Emotional Big-Screen Adaptation

    Reba McEntire Details Personal Relationship With Late Stepson Brandon Blackstock – KNDU

    Reba McEntire Shares Emotional Tribute to Her Late Stepson Brandon Blackstock

    Sacramento city leaders approve adding 2 entertainment zones in midtown – CBS News

    Sacramento City Leaders Approve Two Thrilling New Entertainment Zones in Midtown

    AMC brings first new Dolby Experience to Gwinnett since 2017 – Wyoming News Now

    AMC Launches First New Dolby Experience in Gwinnett Since 2017

    Hetzel Design: blending architecture and entertainment – Blooloop

    Hetzel Design: Where Architecture and Entertainment Unite in Perfect Harmony

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Project underway to upgrade technology on 911 towers in Kanawha County – WCHS

    Kanawha County Launches Major Upgrade to 911 Tower Technology

    Next steps: Technology opens new options for greater mobility – Missouri Independent

    Next Steps: How Technology is Opening Exciting New Doors to Greater Mobility

    Rydberg Technologies Inc. Announces Launch of Rydberg Photonics in Berlin – The Quantum Insider

    Rydberg Technologies Launches Exciting New Photonics Division in Berlin

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Hackers abused API to verify millions of Authy MFA phone numbers

July 4, 2024
in Technology
Hackers abused API to verify millions of Authy MFA phone numbers
Share on FacebookShare on Twitter

Authy

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.

Authy is a mobile app that generates multi-factor authentication codes at websites where you have MFA enabled. 

In late June, a threat actor named ShinyHunters leaked a CSV text file containing what they claim are 33 million phone numbers registered with the Authy service.

ShinyHunters sharing Twilio Authy data on a hacking forumShinyHunters sharing Twilio Authy data on a hacking forum
Source: BleepingComputer

The CSV file contains 33,420,546 rows, each containing an account ID, phone number, an “over_the_top” column, account status, and device count.

Twilio has now confirmed to BleepingComputer that the threat actors compiled the list of phone numbers using an unauthenticated API endpoint. 

“Twilio has detected that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. We have taken action to secure this endpoint and no longer allow unauthenticated requests,” Twilio told BleepingComputer.

“We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data. As a precaution, we are requesting all Authy users to update to the latest Android and iOS apps for the latest security updates and encourage all Authy users to stay diligent and have heightened awareness around phishing and smishing attacks.”

In 2022, Twilio disclosed it suffered breaches in June and August that allowed threat actors to breach its infrastructure and access Authy customer information.

Abusing unsecured APIs

BleepingComputer has learned that the data was compiled by feeding a massive list of phone numbers into the unsecured API endpoint. If the number was valid, the endpoint would return information about the associated accounts registered with Authy.

Now that the API has been secured, it can no longer be abused to verify whether a phone number is used with Authy.

This technique is similar to how threat actors abused an unsecured Twitter API and Facebook API to compile profiles of tens of millions of users that contain both public and non-public information.

While the Authy scrape only contained phone numbers, they can still be advantageous to users looking to conduct smishing and SIM swapping attacks to breach accounts.

ShinyHunters alludes to this in their post, stating, “You guys can join it on gemini or Nexo db,” suggesting that threat actors compare the list of phone numbers to those leaked in alleged Gemini and Nexo data breaches.

If matches are found, the threat actors could attempt to perform SIM swapping attacks or phishing attacks to breach the cryptocurrency exchange accounts and steal all the assets.

Twilio has now released a new security update and recommends that users upgrade to Authy Android (v25.1.0) and iOS App (v26.1.0), which includes security updates. It is unclear how this security update helps to protect users from threat actors using the scraped data in attacks.

Authy users should also ensure their mobile accounts are configured to block number transfers without providing a passcode or turning off security protections.

Furthermore, Authy users should be on the lookout for potential SMS phishing attacks that attempt to steal more sensitive data, such as passwords.

In what appears to be an unrelated breach, Twilio has also begun sending data breach notifications after a third-party vendor’s unsecured AWS S3 bucket exposed SMS-related data sent through the company.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : BleepingComputer – https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/

Tags: abusedhackerstechnology
Previous Post

Formula 1 governing body discloses data breach after email hacks

Next Post

OVHcloud blames record-breaking DDoS attack on MikroTik botnet

Dodgers’ Alex Vesia’s World Series availability unclear while dealing with ‘deeply personal family matter’ – CBS Sports

Dodgers’ Alex Vesia Faces Uncertainty Over World Series Availability Amid Personal Family Matter

October 24, 2025
Fewer pastors say economy is negatively impacting their churches in 2025: Lifeway Research – Christian Post

Growing Number of Pastors See Positive Economic Impact on Their Churches in 2025

October 24, 2025
Johnny Depp Set To Finally Make His Big Hollywood Comeback After Amber Heard Controversy – Yahoo

Johnny Depp Set for a Triumphant Hollywood Comeback Following Amber Heard Controversy

October 24, 2025
Duke professor Kyle Walsh to lead environmental institute of NIH after atypical selection process – The Duke Chronicle

Duke Professor Kyle Walsh Takes the Helm of NIH Environmental Institute After Unconventional Selection Process

October 24, 2025
‘A growing cancer’: The right’s growing acknowledgment of its own antisemitism – CNN

A Growing Cancer: How the Right Is Facing Its Own Antisemitism

October 24, 2025
Ecology researchers work to update Columbia River fish advisories — but face new challenges in climate change – Longview Daily News

Ecology researchers work to update Columbia River fish advisories — but face new challenges in climate change – Longview Daily News

October 24, 2025

Unlock the Secrets to Growing a Giant Pumpkin Using Science

October 24, 2025
Rare dinosaur mummies help scientists recreate their prehistoric lives – ABC News – Breaking News, Latest News and Videos

Rare Dinosaur Mummies Unlock Secrets of Their Prehistoric Lives

October 24, 2025
Orange Cat Celebrates Halloween by Putting Candy Corn in Her Water Bowl – Yahoo

Orange Cat’s Hilarious Halloween Trick: Candy Corn in Her Water Bowl!

October 24, 2025
Project underway to upgrade technology on 911 towers in Kanawha County – WCHS

Kanawha County Launches Major Upgrade to 911 Tower Technology

October 24, 2025

Categories

Archives

October 2025
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Sep    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (883)
  • Economy (905)
  • Entertainment (21,776)
  • General (17,773)
  • Health (9,946)
  • Lifestyle (917)
  • News (22,149)
  • People (905)
  • Politics (915)
  • Science (16,115)
  • Sports (21,404)
  • Technology (15,884)
  • World (888)

Recent News

Dodgers’ Alex Vesia’s World Series availability unclear while dealing with ‘deeply personal family matter’ – CBS Sports

Dodgers’ Alex Vesia Faces Uncertainty Over World Series Availability Amid Personal Family Matter

October 24, 2025
Fewer pastors say economy is negatively impacting their churches in 2025: Lifeway Research – Christian Post

Growing Number of Pastors See Positive Economic Impact on Their Churches in 2025

October 24, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version