Comments
Signal revealed the phone numbers and SMS codes of 1900 users could have been breached in a phishing attack on Twilio, the verification services provider for the encrypted messaging app, earlier this month.
As per reports, hackers might have accessed the data of countable customers after successfully phishing multiple employees. Twilio did not reveal the identification of the victims, but are likely to include large organizations including Signal.
Signal claims that the attackers might not get the message history that the app does not store, or information that are secured through PIN, but “in the case that an attacker was able to re-register an account, they could send and receive Signal messages from that phone number.”
Signal also said that for the affected accounts it will unregister Signal on all devices that the users are currently using or the attacker might have registered on, and will require users to re-register Signal with their active phone number on their preferred device.
Signal assures users that it is working closely with Twilio on the investigation, and stronger security updates.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.