The Signal messaging service alerts 1,900 Twilio users to a security threat

By TechThop Team

Posted on: 16 Aug, 2022

As part of a data breach earlier this month, Twilio, a provider of a gateway that allows web platforms to communicate via SMS or phone calls suffered damage.

The hack may have had repercussions for Signal users, who use an encrypted messaging platform called Signal.

According to Signal's announcement, 1,900 users' accounts were possibly exposed to whoever hacked Twilio, and the attackers looked for three specific numbers during their time in control.

As far as Signal knows, one of the three users has communicated to Signal that the attackers have used their Twilio access to re-register a new device associated with the account.

As the account will be associated with their phone number, they will be able to receive and send messages from that account by simply entering their phone number.

A Signal spokesperson confirmed that users' message history, contact lists, profile information, blocked contacts as well as other personal information remained secure.

The problem arises, however, if one of the users that were potentially exposed does not install Signal's Registration Lock setting that requires a PIN to be entered when adding a new device to its system.

Whenever a person re-registered with the company, it could have created a new account for him if an attacker had attempted to do so.

A message containing a link to the company's support site will be sent out to customers who may be affected by the issue to get them the help they need.

As well as unregistering all devices connected to those accounts, it was confirmed that this process would be completed by tomorrow night when everything is completed.

For more stories like this

Explore our website