at 2:24 AM

Around 1,900 users of Signal had their phone numbers exposed via a Twilio breach

Signal has disclosed that a massive Twilio phishing attack disclosed the phone numbers of 1,900 of its users.

As detailed via an official support article, phone numbers and SMS codes for 1,900 users were exposed. The article states the following:

"All users can rest assured that their message history, contact lists, profile information, whom they'd blocked, and other personal data remain private and secure and were not affected."

This means, on the bright side, the private contents exchanged on Signal weren't leaked due to the Twilio attack. However, their phone numbers could have been reregistered to other devices without their consent. In order to counter this, the 1,900 impacted users were contacted by Signal directly and required to reregister. This notification process is set to be completed by August 16th.

To counter vulnerabilities from attacks like this in the future, Signal is "working with Twilio and potentially other providers to tighten up their security where it matters for our users." It recommends everyone that uses Signal to set up the registration lock.

Further coverage: Ars Technica Engadget TechCrunch The Verge

by Ian Dorfman

MORE ABOUT: #Instant Messengers #Encrypted Chat Apps #Group Chat Apps #Signal

Signal

1112

Free • Open Source
Instant Messenger

Signal is a messaging app with an unexpected focus on privacy, combined with all the features expected from a modern IM...

Related news

All news about Signal »

Comments

No comments so far, maybe you want to be first?