* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, October 4, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Books about the arts and some haunts for a Denton October – Denton Record-Chronicle

    Uncover Artistic Treasures and Spooky Adventures to Experience in Denton This October

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Toni Braxton Is Turning Her Biggest Hits Into Lifetime Movies – Yahoo

    Toni Braxton Is Turning Her Biggest Hits Into Lifetime Movies – Yahoo

    Major airline to offer new in-flight entertainment options for passengers – PennLive.com

    Major airline to offer new in-flight entertainment options for passengers – PennLive.com

    Penn State-Themed Restaurant and Entertainment Spot Happy Valley Live Set to Open in State College – StateCollege.com

    Penn State-Themed Restaurant and Entertainment Spot Happy Valley Live Set to Open in State College – StateCollege.com

    The Police Made Chart History With This 1979 Hit Nearly 50 Years Ago – Yahoo

    How The Police Changed Music Forever with Their Iconic 1979 Hit Nearly 50 Years Ago

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    A Tech Expo Shows What China Can Make, but Not Who’ll Buy It All – The New York Times

    Inside China’s Tech Expo: Cutting-Edge Innovations Face Uncertain Demand

    Steampunk Metal Oval Technology Sense Sunglasses Personality Handmade Chain Multicolor Sunglasses UV400 – The San Joaquin Valley Sun

    Steampunk Metal Oval Sunglasses with Handmade Multicolor Chain – Bold UV400 Protection and Unique Style

    STELLA Automotive AI Appoints Fred Seidelman as Chief Technology Officer – Yahoo Finance

    STELLA Automotive AI Appoints Fred Seidelman as New Chief Technology Officer

    Saving Energy and Money with Smart Technology – Terms of Service with Clare Duffy – Podcast on CNN Podcasts – CNN

    Saving Energy and Money with Smart Technology – Terms of Service with Clare Duffy – Podcast on CNN Podcasts – CNN

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Books about the arts and some haunts for a Denton October – Denton Record-Chronicle

    Uncover Artistic Treasures and Spooky Adventures to Experience in Denton This October

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Toni Braxton Is Turning Her Biggest Hits Into Lifetime Movies – Yahoo

    Toni Braxton Is Turning Her Biggest Hits Into Lifetime Movies – Yahoo

    Major airline to offer new in-flight entertainment options for passengers – PennLive.com

    Major airline to offer new in-flight entertainment options for passengers – PennLive.com

    Penn State-Themed Restaurant and Entertainment Spot Happy Valley Live Set to Open in State College – StateCollege.com

    Penn State-Themed Restaurant and Entertainment Spot Happy Valley Live Set to Open in State College – StateCollege.com

    The Police Made Chart History With This 1979 Hit Nearly 50 Years Ago – Yahoo

    How The Police Changed Music Forever with Their Iconic 1979 Hit Nearly 50 Years Ago

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    A Tech Expo Shows What China Can Make, but Not Who’ll Buy It All – The New York Times

    Inside China’s Tech Expo: Cutting-Edge Innovations Face Uncertain Demand

    Steampunk Metal Oval Technology Sense Sunglasses Personality Handmade Chain Multicolor Sunglasses UV400 – The San Joaquin Valley Sun

    Steampunk Metal Oval Sunglasses with Handmade Multicolor Chain – Bold UV400 Protection and Unique Style

    STELLA Automotive AI Appoints Fred Seidelman as Chief Technology Officer – Yahoo Finance

    STELLA Automotive AI Appoints Fred Seidelman as New Chief Technology Officer

    Saving Energy and Money with Smart Technology – Terms of Service with Clare Duffy – Podcast on CNN Podcasts – CNN

    Saving Energy and Money with Smart Technology – Terms of Service with Clare Duffy – Podcast on CNN Podcasts – CNN

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Hackers abused API to verify millions of Authy MFA phone numbers

July 4, 2024
in Technology
Hackers abused API to verify millions of Authy MFA phone numbers
Share on FacebookShare on Twitter

Authy

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.

Authy is a mobile app that generates multi-factor authentication codes at websites where you have MFA enabled. 

In late June, a threat actor named ShinyHunters leaked a CSV text file containing what they claim are 33 million phone numbers registered with the Authy service.

ShinyHunters sharing Twilio Authy data on a hacking forumShinyHunters sharing Twilio Authy data on a hacking forum
Source: BleepingComputer

The CSV file contains 33,420,546 rows, each containing an account ID, phone number, an “over_the_top” column, account status, and device count.

Twilio has now confirmed to BleepingComputer that the threat actors compiled the list of phone numbers using an unauthenticated API endpoint. 

“Twilio has detected that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. We have taken action to secure this endpoint and no longer allow unauthenticated requests,” Twilio told BleepingComputer.

“We have seen no evidence that the threat actors obtained access to Twilio’s systems or other sensitive data. As a precaution, we are requesting all Authy users to update to the latest Android and iOS apps for the latest security updates and encourage all Authy users to stay diligent and have heightened awareness around phishing and smishing attacks.”

In 2022, Twilio disclosed it suffered breaches in June and August that allowed threat actors to breach its infrastructure and access Authy customer information.

Abusing unsecured APIs

BleepingComputer has learned that the data was compiled by feeding a massive list of phone numbers into the unsecured API endpoint. If the number was valid, the endpoint would return information about the associated accounts registered with Authy.

Now that the API has been secured, it can no longer be abused to verify whether a phone number is used with Authy.

This technique is similar to how threat actors abused an unsecured Twitter API and Facebook API to compile profiles of tens of millions of users that contain both public and non-public information.

While the Authy scrape only contained phone numbers, they can still be advantageous to users looking to conduct smishing and SIM swapping attacks to breach accounts.

ShinyHunters alludes to this in their post, stating, “You guys can join it on gemini or Nexo db,” suggesting that threat actors compare the list of phone numbers to those leaked in alleged Gemini and Nexo data breaches.

If matches are found, the threat actors could attempt to perform SIM swapping attacks or phishing attacks to breach the cryptocurrency exchange accounts and steal all the assets.

Twilio has now released a new security update and recommends that users upgrade to Authy Android (v25.1.0) and iOS App (v26.1.0), which includes security updates. It is unclear how this security update helps to protect users from threat actors using the scraped data in attacks.

Authy users should also ensure their mobile accounts are configured to block number transfers without providing a passcode or turning off security protections.

Furthermore, Authy users should be on the lookout for potential SMS phishing attacks that attempt to steal more sensitive data, such as passwords.

In what appears to be an unrelated breach, Twilio has also begun sending data breach notifications after a third-party vendor’s unsecured AWS S3 bucket exposed SMS-related data sent through the company.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : BleepingComputer – https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/

Tags: abusedhackerstechnology
Previous Post

Formula 1 governing body discloses data breach after email hacks

Next Post

OVHcloud blames record-breaking DDoS attack on MikroTik botnet

Inside Iowa Politics: Ian Roberts deceived Des Moines School Board, chair says – KTIV

Inside Iowa Politics: Ian Roberts deceived Des Moines School Board, chair says – KTIV

October 4, 2025
‘This is unprecedented:’ Ecology restricts surface water use in the Yakima River Basin – Yakima Herald-Republic

Unprecedented Move: Ecology Imposes New Restrictions on Yakima River Basin Surface Water Use

October 4, 2025
Roane State, TCAT Knoxville mark milestone at new health science campus – Oakridger

Roane State and TCAT Knoxville Celebrate Major Milestone at New Health Science Campus

October 4, 2025
Science Hill blanks Morristown East – Johnson City Press

Science Hill Cruises to a Commanding Shutout Over Morristown East

October 4, 2025
Favorite Halloween candies in Missouri, Oklahoma, Kansas, Arkansas – Yahoo

Discover the Most Beloved Halloween Candies in Missouri, Oklahoma, Kansas, and Arkansas!

October 4, 2025
MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

October 4, 2025
Dodgers’ Roki Sasaki opens up about pitching in relief – Yahoo Sports

Dodgers’ Roki Sasaki opens up about pitching in relief – Yahoo Sports

October 4, 2025
Ageing and health – World Health Organization (WHO)

Ageing and health – World Health Organization (WHO)

October 3, 2025
CFOs confident in their own companies but not in the economy – CFO.com

CFOs Reveal Unshakable Confidence in Their Companies Amid Economic Uncertainty

October 3, 2025
Books about the arts and some haunts for a Denton October – Denton Record-Chronicle

Uncover Artistic Treasures and Spooky Adventures to Experience in Denton This October

October 3, 2025

Categories

Archives

October 2025
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Sep    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (850)
  • Economy (870)
  • Entertainment (21,744)
  • General (17,398)
  • Health (9,913)
  • Lifestyle (883)
  • News (22,149)
  • People (872)
  • Politics (882)
  • Science (16,081)
  • Sports (21,371)
  • Technology (15,853)
  • World (853)

Recent News

Inside Iowa Politics: Ian Roberts deceived Des Moines School Board, chair says – KTIV

Inside Iowa Politics: Ian Roberts deceived Des Moines School Board, chair says – KTIV

October 4, 2025
‘This is unprecedented:’ Ecology restricts surface water use in the Yakima River Basin – Yakima Herald-Republic

Unprecedented Move: Ecology Imposes New Restrictions on Yakima River Basin Surface Water Use

October 4, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version