Data leakage in Twilio, Slack and Cloudflare by smishing their workers
These three companies have been victims of a smishing cyberattack by sending SMS to their workers, where they were asked to update their passwords through the link that appeared in the text message.
Twilio has confirmed the cybercriminals' access to its employees' login credentials. On the Slack side, they have reported the reset of approximately 0.5% of their users' passwords after fixing the bug that exposed their password hashes. And finally, CloudFlare has stated that some of its employees' credentials were also stolen by smishing in the same way as the attack that Twilio has received, however, they defend that although the cybercriminals tried to access the users' accounts they did not manage to break into their systems.
References:
- 04/08/2022 twilio.com Data about our customers
- 05/08/2022 bleepingcomputer.com Slack resets passwords after exposing hashes in invitation links
- 09/08/2022 blog.cloudflare.com The mechanics of a sophisticated phishing scam and how we stopped it
- 10/08/2022 elhacker.net Filtración de datos en Twilio, Slack y Cloudflare mediante trabajadores que picaron en mensajes SMS falsos