In response to a data breach at verification partner Twilio, the privacy-focused messaging service Signal has received an confirmed that 1,900 of its users’ phone numbers and SMS codes have been made public.
The first company that comes to mind when discussing privacy and security in messaging apps is Singal. The app has insisted on having strong security measures in place to safeguard user information and offer a secure messaging environment. Signal is now in a critical state due to a third-party partner’s data leak. Signal also disputed the reports of a server compromise in March.
The data breach occurred at Twilio as the verification partner, according to the company’s announcement . Additionally, according to TechCrunch, hackers exploited the data to track down Signal users or re-register their phone numbers with different gadgets.
Advertisement A hacker might have attempted to re-register 1,900 users’ phone numbers to different devices or discovered that their numbers were registered to Signal. Twilio has since stopped this exploit from happening. 1,900 users represents a very small portion of Signals’ overall user base, indicating that the majority were unaffected. stated Signal.
Additionally, three phone numbers are the focus of the attack, and one user’s account could be reregistered. Singals’ practice of not storing chat history or contact lists helps the business safeguard other sensitive data.
A TWILIO DATA BREACH AFFECTED ABOUT 1,900 SIGNAL USERS. Of course, Signal claims that it is taking the appropriate actions to reduce the breadth of the damage. They first compelled customers to re-register after unregistering the app on all devices connected to the impacted accounts. Users of Signal are advised to enable a registration lock. Anytime you want to re-register your account on a different device after the functionality has been activated, you must provide a PIN code.
Advertisement On August 8th, Twilio formally announced the data breach, stating that 125 customers’ accounts had been compromised. Numerous well-known corporations use Twilio’s services, and the names of any further businesses that were impacted are still unknown.
SMS alerts are being sent by Signal to the impacted individuals. You can get a notice from Signal stating, This is from Signal Messenger, if your account has been compromised. We’re contacting you to help you safeguard your Signal account. Open Signal and sign up once more. For more information, visit signal.org/smshelp.