Signal Messenger, the known encrypted messaging application, faces a massive breach for its 1,900 users whose phone numbers were exposed via a service that suffered from a phishing attack. The company now revealed via a release that says its partner for SMS verifications, Twilio, was the source of the breach in which it compromised users.
Signal: Twilio Phishing Attack Exposed 1,900 Phone Numbers
Signal Messenger went to Twitter to announce that Twilio's recent breach brought a dispute among its users which also affect them in the phishing attack that the SMS verification system suffered. Here, Signal assures the public that despite their phone numbers being exposed in the process, there should not be many worries from users.
Additionally, Signal's blog post confirmed that it indeed took effect on the phishing attack as a small percentage of users, whose phone numbers were exposed, see its outcome.
Nevertheless, the encrypted messaging app took it upon itself to message these people individually, notified them of the attack, and gave ways to secure their accounts further. The company said that it wants those affected and other users of Signal Messenger to enable registration lock to avoid any breach in the future using phone numbers.
Twilio's Access Put Signal Messenger Users at Risk
Twilio is a company that provides SMS verification for Signal Messenger, and it was the one that suffered from the breach, not the encrypted messaging application. Still, Twilio's attack is the main source of the problem and put users at risk for the phishing incident that it suffered from threat actors.
Signal Messenger and its Encrypted Systems
Signal Messenger is a known app for its encrypted systems, and it gained fame when people are looking for a replacement for WhatsApp, for their instant messaging needs. One of the most significant events for Signal Messenger is when Elon Musk recommended its use to avoid any data exposure while using it.
Since then, alternative instant messaging apps like Telegram, Signal, and other names in the application stores gave rise to the switch, and it only shows that people want to protect their data online. Signal's fame rose and it reached up to 10 million downloads, and users after the WhatsApp incident and it gave people a choice and control over their data.
Now, Signal Messenger still promises the same features and encryption on its application, avoiding data exposure for users. However, the recent breach is a massive dispute among users, especially those whose phone numbers were part of the recent breach that exploited its partner company for SMS verifications, Twilio.
Signal already notified these users and wants everyone to focus on the registration lock to further protect their accounts.
This article is owned by TechTimes
Written by Isaiah Richard