Some Signal users' phone numbers were exposed in Twilio breach
Signal is, more often than not, synonymous with privacy and security. After all, its encryption protocol not only protects its own chats with end-to-end encryption, but it's also featured on messaging apps like WhatsApp, which are used by billions of people worldwide. Despite its chat app being made with a focus on security from the ground up, this is the internet, which means nothing is truly foolproof. Case in point, a breach that saw attackers gain access to Twilio's customer support console through phishing has affected some Signal users, exposing their phone numbers.
In a statement, Signal has confirmed that the Twilio breach has affected a small number of users. Twilio provides phone number verification services to Signal, sending users OTP codes when they're registering the app. Luckily, this small number is really tiny, only affecting 1,900 unlucky individuals. That's a fraction of Signal's 40 million daily active users.
Message history, contact information, contact lists, and other personal data remained unaffected, since most (or all) of this info is stored on your device rather than on Signal's server (depending on your setup). But the fact that phone numbers were exposed means that a potential attacker was able to learn that a phone number was using Signal, or re-register the phone number on another phone. In fact, out of those 1,900 exposed users, Signal says that attackers looked for three specific phone numbers, and one of them was re-registered on another device. Thankfully, all is good now over at Twilio, so further Signal accounts are no longer in danger.
If you were one of the 1,900 users affected, Signal should've reached out to you via SMS already (or should be about to do so). If the app prompts you to re-register your Signal account again, you'll need to do that, as potentially affected accounts were un-registered as a safety measure. Also, while you're at it, you should also turn on registration lock. That way, if any other breaches like this happen in the future, you should be safe from potential attackers.
( Details and picture courtesy from Source, the content is auto-generated from RSS feed.)
Join our official telegram channel for free latest updates and follow us on Google News here.
